Protection from hardware attacks such as snoopers and mod chips has been receiving increasing attention in computer architecture. This paper presents a new combined memory encryption/authentication scheme. Our split counters for counter-mode encryption simultaneously eliminate counter overflow problems reduce per-block size, we also dramatically improve authentication performance security by using the Galois/Counter Mode of operation (GCM), which leverages to latency overlap it with...

This paper presents ReVive, a novel general-purpose rollback recovery mechanism for shared-memory multiprocessors. ReVive carefully balances the conflicting requirements of availability, performance, and hardware cost. performs checkpointing, logging, distributed parity protection, all memory-based. It enables from wide class errors, including permanent loss an entire node. To maintain high includes specialized that frequent operations in background, such as log updates. keep cost low, more...

This paper presents checkpointed early resource recycling (Cherry), a hybrid mode of execution based on ROB and checkpointing that decouples instruction retirement. Resources are recycled early, resulting in more efficient utilization. Cherry relies state rollback to service exceptions for instructions whose resources have been recycled. leverages the (1) not require in-order as fallback mechanism, (2) allow memory replay traps branch mispredictions without rolling back checkpoint, (3)...

This paper presents FlexiTaint, a hardware accelerator for dynamic taint propagation. FlexiTaint is implemented as an in-order addition to the back-end of processor pipeline, and taints memory locations are stored packed array in regular memory. The propagation scheme specified via software handler that, given operation sourcespsila taints, computes new result. To keep performance overheads low, caches recent lookups uses filter avoid simple common-case behavior. We also describe how...

In today's digital world, computer security issues have become increasingly important. particular, researchers proposed designs for secure processors which utilize hardware-based memory encryption and integrity verification to protect the privacy of computation even from sophisticated physical attacks. However, currently schemes remain hampered by problems that make them impractical use in systems: lack virtual inter-process communication support as well excessive storage performance...

This paper shows that electromagnetic (EM) information leakage from modern laptops and desktops (with no peripherals attached) is indeed possible relatively easy to achieve. The experiments are performed on three laptop systems one desktop system with different processors (Intel Centrino, Core 2, i7, AMD Turion), show both active (program deliberately tries cause emanations at a particular frequency) passive (emanations frequencies happen as result of activity) EM side-channel attacks all...

This paper presents a new metric, which we call Signal Available to Attacker (SAVAT), that measures the side channel signal created by specific single-instruction difference in program execution, i.e. The amount of made available potential attacker who wishes decide whether has executed instruction/event A or B. We also devise practical methodology for measuring SAVAT real systems using only user-level access permissions and common measurement equipment. Finally, perform case study where...

This paper describes EM-Based Detection of Deviations in Program Execution (EDDIE), a new method for detecting anomalies program execution, such as malware and other code injections, without introducing any overheads, adding hardware support, changing software, or using resources on the monitored system itself. Monitoring with EDDIE involves receiving electromagnetic (EM) emanations that are emitted side effect execution system, it relies spikes EM spectrum produced result periodic (e.g....

While removing software bugs consumes vast amounts of human time, hardware support for debugging in modern computers remains rudimentary. Fortunately, we show that mechanisms Thread-Level Speculation (TLS) can be reused to boost productivity. Most notably, TLS's rollback capabilities extended rolling back recent buggy execution and repeating it as many times necessary until the bug is fully characterized. These incremental re-executions are deterministic even multithreaded codes....

Memory bugs are a broad class of that is becoming increasingly common with increasing software complexity, and many these also security vulnerabilities. Unfortunately, existing even hardware approaches for finding identifying memory have considerable performance overheads, target only narrow bugs, costly to implement, or use computational resources inefficiently. This paper describes MemTracker, new support mechanism can be configured perform different kinds access monitoring tasks....

This paper presents ReVive, a novel general-purpose rollback recovery mechanism for shared-memory multiprocessors. ReVive carefully balances the conflicting requirements of availability, performance, and hardware cost. performs checkpointing, logging, distributed parity protection, all memory-based. It enables from wide class errors, including permanent loss an entire node. To maintain high includes specialized that frequent operations in background, such as log updates. keep cost low, more...

Chip-multiprocessors are becoming the dominant vehicle for general-purpose processing, and parallel software will be needed to effectively utilize them. This is notoriously prone synchronization bugs, which often difficult detect repeat debugging. While data race detection order-recording deterministic replay useful in debugging such problems, only schemes lightweight, whereas support scales poorly degrades performance significantly. paper presents our CORD (cost-effective detection)...

With computing increasingly becoming more dispersed, relying on mobile devices, distributed computing, cloud etc. there is an increasing threat from adversaries obtaining physical access to some of the computer systems through theft or security breaches. such untrusted node, a key challenge how provide secure environment where we privacy and integrity for data code application. We propose SecureME, hardware-software mechanism that provides environment. SecureME protects application hardware...

Recent advances in embedded and IoT (internet-of-things) technologies are rapidly transforming health-care solutions we headed to a future of smaller, smarter, wearable connected medical devices. advanced health sensors provide more convenience patients physicians. Where physicians can now wirelessly automatically monitor patient's state. While these devices lot new opportunities improve the care system, they also introduce set security risks since networks. More importantly, extremely...

This paper presents an algorithm for finding carriers of frequency-modulated (FM) and amplitude-modulated (AM) electromagnetic (EM) emanations from computer systems. Computer systems create EM across the RF spectrum making it difficult, error-prone, time consuming to find relatively few that expose sensitive information. One most common simplest mechanisms information leakage occurs when amplitude or a frequency existing strong signal (e.g., processor memory clock) is modulated by system...

This paper presents Spectral Profiling, a new method for profiling program execution without instrumenting or otherwise affecting the profiled system. Profiling monitors EM emanations unintentionally produced by system, looking spectral "spikes" periodic activity (e.g. loops). allows to determine which parts of have executed at what time. By analyzing frequency and shape "spike", can obtain additional information such as per-iteration time loop. The key advantage is that it monitor system...

While all computation generates electromagnetic (EM) side-channel signals, some of the strongest and farthest-propagating signals are created when an existing strong periodic signal (e.g. a clock signal) becomes stronger or weaker (amplitude-modulated) depending on processor memory activity. However, modern systems create emanations at thousands different frequencies, so it is difficult, error-prone, time-consuming task to find those few that AM-modulated by processor/memory

This paper presents an approach for zero-overhead profiling (ZOP). ZOP accomplishes accurate program with no modification to the or system during and dedicated hardware features. To do so, records electromagnetic (EM) emanations generated by computing systems execution analyzes recorded track a program's path generate information. Our consists of two main phases. In training phase, instruments runs it against set inputs collect timing information while simultaneously collecting waveforms EM...

This paper describes a new physical side channel, i.e., the backscattering created by transmitting signal toward integrated circuits (ICs), where internal impedance changes caused on-chip switching activity modulate that is backscattered (reflected) from IC. To demonstrate how this channel can be used to detect small in circuit impedances, we propose method for nondestructively detecting hardware Trojans (HTs) outside chip. We experimentally confirm, using measurements on one instance...

Cyber-physical systems (CPS) are controlling many critical and sensitive aspects of our physical world while being continuously exposed to potential cyber-attacks. These typically have limited performance, memory, energy reserves, which limits their ability run existing advanced malware protection, that, in turn, makes securing them very challenging. To tackle these problems, this paper proposes, REMOTE, a new robust framework detect by externally observing Electromagnetic (EM) signals...

We propose a novel framework called IDEA that exploits electromagnetic (EM) side-channel signals to detect malicious activity on embedded and cyber-physical systems (CPS). first records EM emanations from an uncompromised reference device establish baseline of patterns. then monitors the target device's emanations. When observed deviate patterns, reports this as anomalous or activity. does not require any resource infrastructure on, modification to, monitored system itself. In fact, is...

This paper presents checkpointed early resource recycling (Cherry), a hybrid mode of execution based on ROB and checkpointing that decouples instruction retirement. Resources are recycled early, resulting in more efficient utilization. Cherry relies state rollback to service exceptions for instructions whose resources have been recycled. leverages the (1) not require in-order as fallback mechanism, (2) allow memory replay traps branch mispredictions without rolling back checkpoint, (3)...