An External Integrity Checker for Increasing Security of Open Source Operating Systems

Size: px
Start display at page:

Download "An External Integrity Checker for Increasing Security of Open Source Operating Systems"

Transcription

1 An External Integrity Checker for Increasing Security of Open Source Operating Systems Hiromasa Shimada, Tsung-Han Lin, Ning Li Distributed and Ubiquitous Computing Lab., Waseda University, Japan

2 Background! There are a lot of OSS in the Linux platform.! Linux is also one of the OSS! They tend to be so huge source code! Linux has 34,563 files and involves 10,431,249 LOC (3.4.0)! Can we make them without bugs by hand?! No, we cannot.

3 How to handle the bugs! One solution is to verify the software to remove bugs! There are a lot of research of formal verifications.! But most of them cannot handle the OS.! A number of states to be verified is not feasible.! Some of research handle the OSes! But they target a specified OS and the part of it.! Only way that we can do for bugs is to apply patches.

4 Integrity Checker! In order to enhance security, the integrity checkers are often used.! Attackers invade the system via the software vulnerabilities.! They often insert rootkits into they system to assist their manipulations.! The integrity checkers can detect the infections of rootkits

5 Specifications! Integrity checkers require specifications to check the kernel.! How to define the correct properties for the integrity checkers?! Most of them are defined by hand.! It requires a lot of engineering cost.! How to verify that the properties are correct?

6 Our Solution! We provide an integrity checker that is generated automatically.! It runs outside from the target OS using a hypervisor.! against cross domain attack! It checks kernel data structures of the target OS

7 System Design

8 Building The Integrity Checker! We need 4 steps to generate the integrity checker.! Make a tracer program! Execute the tracer and obtain the actual kernel data structures.! Analyze the result and generate invariants.! Make the integrity checker

9 Building A Tracer Program! Tracer program obtain actual kernel data of the target kernel.! The tracer runs with Linux at the same time.

10 To get preprocessed files! We modified $LINUX_DIR/scripts/Makefile.build! We cannot use --save-temps option! Using this option saves all of preprocessed files in the current directory.! gcc 4.5 supports to save them in the same directory with object files.! Add a below line in the file cmd_cc_o_c +=; $(CC) $(c_flags) E o $(patsubst %.o,%.i,$@) $<

11 Analyzing Linux Source Codes! We use Haskell and Language.C library to parse Linux source codes.! Environment! python 2.6! ghc ! language.c ! scons 2.0.0

12 Abstracting kernel data structures! In order to make a header file to build a tracer, we have to abstract definitions of kernel data structures from all of the source codes.! global variables! typedef! struct! union

13 How to obtain kernel data structures! Making the tracer is below steps! Make functions to traverse each kernel data structures! Map symbol names in System.map and global variables to get types of the variable and call the functions! Obtained data! Primitive type: actual data! Structure type: pointer address and field! Pointer type: pointer address and actual data

14 Invariants! Our tool generates invariants of the kernel data structures using daikon tool! Daikon requires declared file and traced file! declared file: definitions of target data structures! traced file: obtained data! Example simple_dir_operations.read == proc_root.proc_fops.read! Our tool parses the invariants and generate the integrity checker

15 Applying Integrity Checker! Platform setup! Basic Platform: hypervisor system! Integrity Checker Protection: Secure Pager! Hypervisor: SPUMONE! Secure Pager: using local memory

16 SPUMONE! SH4A architecture! Co-kernel approach! Dedicated device management! Para-virtualization! Small modifications! Distributed design! Per-CPU image

17 Interrupt Virtualization Register Setting - INT2PRI0 ~ INT2PRI7

18 Interrupt Delivery Mechanism

19 Traditional Hypervisor v.s. SPUMONE GPOS RTOS GPOS RTOS Traditional Hypervisor Core 1 Core 2 Core 3 Core 4 SPUMONE SPUMONE SPUMONE SPUMONE Core 1 Core 2 Core 3 Core 4! Single hypervisor Image! Straightforward! Managing! Communication! Distributed design! Risk Diversification! Reliability enhancement! Shared memory communication

20 Protection of the integrity checker! A typical scene.! Without the protection, the Guest OS may attack the integrity checker to invalid the monitoring function.

21 Isolation based on Local memory! Local memory (small size) is a programmable region and can not be accessed by other cores.

22 Basic Architecture! Secure pager is used to extend the size of the local memory virtually.

23 Secure Pager! Xv6: a simple OS to run the integrity checker.! Secure pager verifies the integrity of the xv6 s pages when loading them into local memory.

24 Summary Increasing security using an external integrity checker generated automatically Applying integrity checker Based on hypervisor environment Protected by Secure Pager

Composition Kernel: A Multi-core Processor Virtualization Layer for Rich Functional Smart Products

Composition Kernel: A Multi-core Processor Virtualization Layer for Rich Functional Smart Products Composition Kernel: A Multi-core Processor Virtualization Layer for Rich Functional Smart Products Tatsuo Nakajima, Yuki Kinebuchi, Alexandre Courbot, Hiromasa Shimada, Tsung-Han Lin, and Hitoshi Mitake

More information

Towards Co-existing of Linux and Real-Time OSes

Towards Co-existing of Linux and Real-Time OSes Towards Co-existing of Linux and Real-Time OSes Hitoshi Mitake, Tsung-Han Lin, Hiromasa Shimada, Yuki Kinebuchi, Ning Li, Tatsuo Nakajima Department of Computer Science and Engineering, Waseda University

More information

Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection

Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection Jeffrey Bickford *, H. Andrés Lagar-Cavilla #, Alexander Varshavsky #, Vinod Ganapathy *, and Liviu Iftode * * Rutgers University

More information

Hyperkernel: Push-Button Verification of an OS Kernel

Hyperkernel: Push-Button Verification of an OS Kernel Hyperkernel: Push-Button Verification of an OS Kernel Luke Nelson, Helgi Sigurbjarnarson, Kaiyuan Zhang, Dylan Johnson, James Bornholt, Emina Torlak, and Xi Wang The OS Kernel is a critical component Essential

More information

CS 326 Operating Systems C Programming. Greg Benson Department of Computer Science University of San Francisco

CS 326 Operating Systems C Programming. Greg Benson Department of Computer Science University of San Francisco CS 326 Operating Systems C Programming Greg Benson Department of Computer Science University of San Francisco Why C? Fast (good optimizing compilers) Not too high-level (Java, Python, Lisp) Not too low-level

More information

Toward Resilient Cloud Environment:

Toward Resilient Cloud Environment: Toward Resilient Cloud Environment: Case for Virtual Machine Introspection Using Hardware Architectural Invariants Z. Kalbarczyk C. Pham, C. Di Martino, R. Iyer Coordinated Science Laboratory Department

More information

Hypervisor security. Evgeny Yakovlev, DEFCON NN, 2017

Hypervisor security. Evgeny Yakovlev, DEFCON NN, 2017 Hypervisor security Evgeny Yakovlev, DEFCON NN, 2017 whoami Low-level development in C and C++ on x86 UEFI, virtualization, security Jetico, Kaspersky Lab QEMU/KVM developer at Virtuozzo 2 Agenda Why hypervisor

More information

Virtual Machine Introspection Bhushan Jain

Virtual Machine Introspection Bhushan Jain Virtual Machine Introspection Bhushan Jain Computer Science Department Stony Brook University 1 Traditional Environment Operating System 2 Traditional Environment Process Descriptors Kernel Heap Operating

More information

Doctoral Thesis. Addressing Hybrid OS Environment Issues in the Embedded Virtualization Multicore Platform

Doctoral Thesis. Addressing Hybrid OS Environment Issues in the Embedded Virtualization Multicore Platform Graduate School of Fundamental Science and Engineering Waseda University Doctoral Thesis Thesis Theme Addressing Hybrid OS Environment Issues in the Embedded Virtualization Multicore Platform (Applicant

More information

Towards a Practical, Verified Kernel

Towards a Practical, Verified Kernel Towards a Practical, Verified Kernel Kevin Elphinstone and Gerwin Klein, National ICT Australia and the University of New South Wales Philip Derrin, National ICT Australia Timothy Roscoe, ETH Zürich Gernot

More information

Flicker: An Execution Infrastructure for TCB Minimization

Flicker: An Execution Infrastructure for TCB Minimization Flicker: An Execution Infrastructure for TCB Minimization Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Hiroshi Isozaki (EuroSys 08) Presented by: Tianyuan Liu Oct 31, 2017 Outline Motivation

More information

OS DESIGN PATTERNS II. CS124 Operating Systems Fall , Lecture 4

OS DESIGN PATTERNS II. CS124 Operating Systems Fall , Lecture 4 OS DESIGN PATTERNS II CS124 Operating Systems Fall 2017-2018, Lecture 4 2 Last Time Began discussing general OS design patterns Simple structure (MS-DOS) Layered structure (The THE OS) Monolithic kernels

More information

CSE543 - Computer and Network Security Module: Virtualization

CSE543 - Computer and Network Security Module: Virtualization CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system

More information

Protection. Thierry Sans

Protection. Thierry Sans Protection Thierry Sans Protecting Programs How to lower the risk of a program security flaw resulting from a bug? 1. Build better programs 2. Build better operating systems Build Better Programs Why are

More information

Using VMware Player 3.0 with USB Pocket Hard Drive For IT Curriculum

Using VMware Player 3.0 with USB Pocket Hard Drive For IT Curriculum Using VMware Player 3.0 with USB Pocket Hard Drive For IT Curriculum Salient Features Virtual machines stored on the USB Portable Hard Drive can be carried from one computer to another as long as the same

More information

Operating System Structure

Operating System Structure CSE325 Principles of Operating Systems Operating System Structure David Duggan dduggan@sandia.gov January 24, 2013 A View of Operating System Services 1/24/13 CSE325 - OS Structure 2 Operating System Design

More information

Secure Containers with EPT Isolation

Secure Containers with EPT Isolation Secure Containers with EPT Isolation Chunyan Liu liuchunyan9@huawei.com Jixing Gu jixing.gu@intel.com Presenters Jixing Gu: Software Architect, from Intel CIG SW Team, working on secure container solution

More information

Chapter 5 C. Virtual machines

Chapter 5 C. Virtual machines Chapter 5 C Virtual machines Virtual Machines Host computer emulates guest operating system and machine resources Improved isolation of multiple guests Avoids security and reliability problems Aids sharing

More information

Programs. Function main. C Refresher. CSCI 4061 Introduction to Operating Systems

Programs. Function main. C Refresher. CSCI 4061 Introduction to Operating Systems Programs CSCI 4061 Introduction to Operating Systems C Program Structure Libraries and header files Compiling and building programs Executing and debugging Instructor: Abhishek Chandra Assume familiarity

More information

Designing Systems for Push-Button Verification

Designing Systems for Push-Button Verification Designing Systems for Push-Button Verification Luke Nelson, Helgi Sigurbjarnarson, Xi Wang Joint work with James Bornholt, Dylan Johnson, Arvind Krishnamurthy, EminaTorlak, Kaiyuan Zhang Formal verification

More information

Virtualization Device Emulator Testing Technology. Speaker: Qinghao Tang Title 360 Marvel Team Leader

Virtualization Device Emulator Testing Technology. Speaker: Qinghao Tang Title 360 Marvel Team Leader Virtualization Device Emulator Testing Technology Speaker: Qinghao Tang Title 360 Marvel Team Leader 1 360 Marvel Team Established in May 2015, the first professional could computing and virtualization

More information

CSC 5930/9010 Cloud S & P: Virtualization

CSC 5930/9010 Cloud S & P: Virtualization CSC 5930/9010 Cloud S & P: Virtualization Professor Henry Carter Fall 2016 Recap Network traffic can be encrypted at different layers depending on application needs TLS: transport layer IPsec: network

More information

IMPROVED KERNEL SECURITY THROUGH MEMORY LAYOUT RANDOMIZATION IPCCC 2013

IMPROVED KERNEL SECURITY THROUGH MEMORY LAYOUT RANDOMIZATION IPCCC 2013 IMPROVED KERNEL SECURITY THROUGH MEMORY LAYOUT RANDOMIZATION IPCCC 2013 Dannie M. Stanley Graduate Student Special thanks to my advisors: Professors Dongyan Xu and Eugene Spafford INTRODUCTION PROBLEM

More information

Formal methods for software security

Formal methods for software security Formal methods for software security Thomas Jensen, INRIA Forum "Méthodes formelles" Toulouse, 31 January 2017 Formal methods for software security Formal methods for software security Confidentiality

More information

Software Project. Lecturers: Ran Caneti, Gideon Dror Teaching assistants: Nathan Manor, Ben Riva

Software Project. Lecturers: Ran Caneti, Gideon Dror Teaching assistants: Nathan Manor, Ben Riva Software Project Lecturers: Ran Caneti, Gideon Dror Teaching assistants: Nathan Manor, Ben Riva Emails: (canetti/benriva)@post.tau.ac.il nathan.manor@gmail.com gideon@mta.ac.il http://www.cs.tau.ac.il/~roded/courses/soft-project10.html

More information

PRINCIPLES OF OPERATING SYSTEMS

PRINCIPLES OF OPERATING SYSTEMS PRINCIPLES OF OPERATING SYSTEMS Tutorial-1&2: C Review CPSC 457, Spring 2015 May 20-21, 2015 Department of Computer Science, University of Calgary Connecting to your VM Open a terminal (in your linux machine)

More information

CSE543 - Computer and Network Security Module: Virtualization

CSE543 - Computer and Network Security Module: Virtualization CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system

More information

CSE543 - Computer and Network Security Module: Virtualization

CSE543 - Computer and Network Security Module: Virtualization CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 1 Operating System Quandary Q: What is the primary goal of

More information

Arsenal. Shadow-Box: Lightweight Hypervisor-Based Kernel Protector. Seunghun Han, Jungwhan Kang (hanseunghun

Arsenal. Shadow-Box: Lightweight Hypervisor-Based Kernel Protector. Seunghun Han, Jungwhan Kang (hanseunghun Arsenal Shadow-Box: Lightweight Hypervisor-Based Kernel Protector Seunghun Han, Jungwhan Kang (hanseunghun ultract)@nsr.re.kr Who are we? - Senior security researcher at NSR (National Security Research

More information

Embedded Systems. 5. Operating Systems. Lothar Thiele. Computer Engineering and Networks Laboratory

Embedded Systems. 5. Operating Systems. Lothar Thiele. Computer Engineering and Networks Laboratory Embedded Systems 5. Operating Systems Lothar Thiele Computer Engineering and Networks Laboratory Embedded Operating Systems 5 2 Embedded Operating System (OS) Why an operating system (OS) at all? Same

More information

Advances in Linux process forensics with ECFS

Advances in Linux process forensics with ECFS Advances in Linux process forensics with ECFS Quick history Wanted to design a process snapshot format native to VMA Vudu http://www.bitlackeys.org/#vmavudu ECFS proved useful for other projects as well

More information

RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas

RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas RISCV with Sanctum Enclaves Victor Costan, Ilia Lebedev, Srini Devadas Today, privilege implies trust (1/3) If computing remotely, what is the TCB? Priviledge CPU HW Hypervisor trusted computing base OS

More information

Lecture 3: O/S Organization. plan: O/S organization processes isolation

Lecture 3: O/S Organization. plan: O/S organization processes isolation 6.828 2012 Lecture 3: O/S Organization plan: O/S organization processes isolation topic: overall o/s design what should the main components be? what should the interfaces look like? why have an o/s at

More information

Computer Architecture Background

Computer Architecture Background CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 2b Computer Architecture Background Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical & Computer Engineering

More information

C Compilation Model. Comp-206 : Introduction to Software Systems Lecture 9. Alexandre Denault Computer Science McGill University Fall 2006

C Compilation Model. Comp-206 : Introduction to Software Systems Lecture 9. Alexandre Denault Computer Science McGill University Fall 2006 C Compilation Model Comp-206 : Introduction to Software Systems Lecture 9 Alexandre Denault Computer Science McGill University Fall 2006 Midterm Date: Thursday, October 19th, 2006 Time: from 16h00 to 17h30

More information

Introduction. COMP /S2 Week Gernot Heiser UNSW/NICTA/OKL. Distributed under Creative Commons Attribution License 1

Introduction. COMP /S2 Week Gernot Heiser UNSW/NICTA/OKL. Distributed under Creative Commons Attribution License 1 Introduction COMP9242 2008/S2 Week 1 2008 Gernot Heiser UNSW/NICTA/OKL. Distributed under Creative Commons Attribution License 1 Copyright Notice These slides are distributed under the Creative Commons

More information

Towards High Assurance Networks of Virtual Machines

Towards High Assurance Networks of Virtual Machines Towards High Assurance Networks of Virtual Machines Fabrizio Baiardi 1 Daniele Sgandurra 2 1 Polo G. Marconi - La Spezia, University of Pisa, Italy 2 Department of Computer Science, University of Pisa,

More information

Back To The Future: A Radical Insecure Design of KVM on ARM

Back To The Future: A Radical Insecure Design of KVM on ARM Back To The Future: A Radical Insecure Design of KVM on ARM Abstract In ARM, there are certain instructions that generate exceptions. Such instructions are typically executed to request a service from

More information

Supporting Operating System Kernel Data Disambiguation using Points-to Analysis

Supporting Operating System Kernel Data Disambiguation using Points-to Analysis Supporting Operating System Kernel Data Disambiguation using Points-to Analysis Amani Ibriham, James Hamlyn-Harris, John Grundy & Mohamed Almorsy Center for Computing and Engineering Software Systems Swinburne

More information

Last time. Security Policies and Models. Trusted Operating System Design. Bell La-Padula and Biba Security Models Information Flow Control

Last time. Security Policies and Models. Trusted Operating System Design. Bell La-Padula and Biba Security Models Information Flow Control Last time Security Policies and Models Bell La-Padula and Biba Security Models Information Flow Control Trusted Operating System Design Design Elements Security Features 10-1 This time Trusted Operating

More information

Malware

Malware reloaded Malware Research Team @ @xabiugarte Motivation Design principles / architecture Features Use cases Future work Dynamic Binary Instrumentation Techniques to trace the execution of a binary (or

More information

Confinement (Running Untrusted Programs)

Confinement (Running Untrusted Programs) Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras Untrusted Programs Untrusted Application Entire Application untrusted Part of application untrusted Modules

More information

Identifying Security Critical Properties for the Dynamic Verification of a Processor

Identifying Security Critical Properties for the Dynamic Verification of a Processor Identifying Security Critical Properties for the Dynamic Verification of a Processor Rui Zhang, Natalie Stanley, Christopher Griggs, Andrew Chi, Cynthia Sturton 04-12-2017, ASLOS XI AN CHINA 1 Processor

More information

ARM CORTEX-R52. Target Audience: Engineers and technicians who develop SoCs and systems based on the ARM Cortex-R52 architecture.

ARM CORTEX-R52. Target Audience: Engineers and technicians who develop SoCs and systems based on the ARM Cortex-R52 architecture. ARM CORTEX-R52 Course Family: ARMv8-R Cortex-R CPU Target Audience: Engineers and technicians who develop SoCs and systems based on the ARM Cortex-R52 architecture. Duration: 4 days Prerequisites and related

More information

SecVisor: A Tiny Hypervisor for Lifetime Kernel Code Integrity

SecVisor: A Tiny Hypervisor for Lifetime Kernel Code Integrity SecVisor: A Tiny Hypervisor for Lifetime Kernel Code Integrity Arvind Seshadri, Mark Luk, Ning Qu, Adrian Perrig Carnegie Mellon University Kernel rootkits Motivation Malware inserted into OS kernels Anti

More information

CSE 351, Spring 2010 Lab 7: Writing a Dynamic Storage Allocator Due: Thursday May 27, 11:59PM

CSE 351, Spring 2010 Lab 7: Writing a Dynamic Storage Allocator Due: Thursday May 27, 11:59PM CSE 351, Spring 2010 Lab 7: Writing a Dynamic Storage Allocator Due: Thursday May 27, 11:59PM 1 Instructions In this lab you will be writing a dynamic storage allocator for C programs, i.e., your own version

More information

Improving Linux Development with better tools. Andi Kleen. Oct 2013 Intel Corporation

Improving Linux Development with better tools. Andi Kleen. Oct 2013 Intel Corporation Improving Linux Development with better tools Andi Kleen Oct 2013 Intel Corporation ak@linux.intel.com Linux complexity growing Source lines in Linux kernel All source code 16.5 16 15.5 M-LOC 15 14.5 14

More information

Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles

Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles Safety & Security for the Connected World Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles 16 th June 2015 Mark Pitchford, Technical Manager, EMEA Today

More information

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36 The Challenges of X86 Hardware Virtualization GCC- Virtualization: Rajeev Wankar 36 The Challenges of X86 Hardware Virtualization X86 operating systems are designed to run directly on the bare-metal hardware,

More information

CS 326: Operating Systems. Process Execution. Lecture 5

CS 326: Operating Systems. Process Execution. Lecture 5 CS 326: Operating Systems Process Execution Lecture 5 Today s Schedule Process Creation Threads Limited Direct Execution Basic Scheduling 2/5/18 CS 326: Operating Systems 2 Today s Schedule Process Creation

More information

Gerwin Klein Kevin Elphinstone Gernot Heiser June Andronick David Cock Philip Derrin Dhammika Elkaduwe Kai Engelhardt Rafal Kolanski Michael Norrish

Gerwin Klein Kevin Elphinstone Gernot Heiser June Andronick David Cock Philip Derrin Dhammika Elkaduwe Kai Engelhardt Rafal Kolanski Michael Norrish Gerwin Klein Kevin Elphinstone Gernot Heiser June Andronick David Cock Philip Derrin Dhammika Elkaduwe Kai Engelhardt Rafal Kolanski Michael Norrish Thomas Sewell Harvey Tuch Simon Winwood 1 microkernel

More information

Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection

Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection Brendan Dolan-Gavitt *, Tim Leek, Michael Zhivich, Jonathon Giffin *, and Wenke Lee * * Georgia Institute of Technology MIT Lincoln

More information

Improving Linux development with better tools

Improving Linux development with better tools Improving Linux development with better tools Andi Kleen Oct 2013 Intel Corporation ak@linux.intel.com Linux complexity growing Source lines in Linux kernel All source code 16.5 16 15.5 M-LOC 15 14.5 14

More information

Creating a Practical Security Architecture Based on sel4

Creating a Practical Security Architecture Based on sel4 Creating a Practical Security Architecture Based on sel4 Xinming (Simon) Ou University of South Florida (many slides borrowed/adapted from my student Daniel Wang) 1 Questions for sel4 Community Is there

More information

SFFT Documentation. Release 0.1. Jörn Schumacher

SFFT Documentation. Release 0.1. Jörn Schumacher SFFT Documentation Release 0.1 Jörn Schumacher June 11, 2013 CONTENTS 1 Introduction 3 1.1 When Should I use the SFFT library?.................................. 3 1.2 Target Platform..............................................

More information

Alterna(ve Architectures

Alterna(ve Architectures Alterna(ve Architectures COMS W4118 Prof. Kaustubh R. Joshi krj@cs.columbia.edu hep://www.cs.columbia.edu/~krj/os References: Opera(ng Systems Concepts (9e), Linux Kernel Development, previous W4118s Copyright

More information

Scaling CQUAL to millions of lines of code and millions of users p.1

Scaling CQUAL to millions of lines of code and millions of users p.1 Scaling CQUAL to millions of lines of code and millions of users Jeff Foster, Rob Johnson, John Kodumal and David Wagner {jfoster,rtjohnso,jkodumal,daw}@cs.berkeley.edu. UC Berkeley Scaling CQUAL to millions

More information

Multi-Aspect Profiling of Kernel Rootkit Behavior

Multi-Aspect Profiling of Kernel Rootkit Behavior Multi-Aspect Profiling of Kernel Rootkit Behavior Ryan Riley, Xuxian Jiang, Dongyan Xu Purdue University, North Carolina State University EuroSys 2009 Nürnberg, Germany Rootkits Stealthy malware Hide attacker

More information

Advanced Systems Security: Ordinary Operating Systems

Advanced Systems Security: Ordinary Operating Systems Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:

More information

What's New in CDT 7.0? dominique dot toupin at ericsson dot com

What's New in CDT 7.0? dominique dot toupin at ericsson dot com What's New in CDT 7.0? dominique dot toupin at ericsson dot com 23 committers Project Status Representing IDE vendors, consultants, and users Downloads continue to grow Galileo SR-1: 530,000! CDT / Linux

More information

Constructing and Verifying Cyber Physical Systems

Constructing and Verifying Cyber Physical Systems Constructing and Verifying Cyber Physical Systems Mixed Criticality Scheduling and Real-Time Operating Systems Marcus Völp Overview Introduction Mathematical Foundations (Differential Equations and Laplace

More information

15-213/18-213/15-513, Fall 2017 C Programming Lab: Assessing Your C Programming Skills

15-213/18-213/15-513, Fall 2017 C Programming Lab: Assessing Your C Programming Skills 15-213/18-213/15-513, Fall 2017 C Programming Lab: Assessing Your C Programming Skills 1 Logistics Assigned: Tues., Aug. 29, 2017 Due: Thurs., Sept. 7, 11:59 pm Last possible hand in: Tues., Sept. 7, 11:59

More information

Hardware assisted Virtualization in Embedded

Hardware assisted Virtualization in Embedded Hardware assisted Virtualization in Embedded Tanveer Alam Platform Architect Embedded Virtualization Sponsored by: & Agenda Embedded Virtualization What is embedded? Embedded specific requirements Key

More information

Verification & Validation of Open Source

Verification & Validation of Open Source Verification & Validation of Open Source 2011 WORKSHOP ON SPACECRAFT FLIGHT SOFTWARE Gordon Uchenick Coverity, Inc Open Source is Ubiquitous Most commercial and proprietary software systems have some open

More information

Lecture 09: VMs and VCS head in the clouds

Lecture 09: VMs and VCS head in the clouds Lecture 09: VMs and VCS head in the Hands-on Unix system administration DeCal 2012-10-29 1 / 20 Projects groups of four people submit one form per group with OCF usernames, proposed project ideas, and

More information

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Völp, Adam Lackorzynski *, Jérémie Decouchant, Vincent Rahli, Francisco Rocha, and Paulo Esteves-Veríssimo University

More information

HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity

HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity 31 st IEEE Symposium on Security & Privacy, Oakland CA, May 16-19 2010 HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity Zhi Wang, Xuxian Jiang North Carolina State

More information

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania. Virtualization...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania April 6, 2009 (CIS 399 Unix) Virtualization April 6, 2009 1 / 22 What

More information

Virtualizaton: One Size Does Not Fit All. Nedeljko Miljevic Product Manager, Automotive Solutions MontaVista Software

Virtualizaton: One Size Does Not Fit All. Nedeljko Miljevic Product Manager, Automotive Solutions MontaVista Software Virtualizaton: One Size Does Not Fit All Nedeljko Miljevic Product Manager, Automotive Solutions MontaVista Software Agenda Linux and Automotive Challenges Solution: Virtualization Linux Containers Best

More information

Pangu 9 Internals. Tielei Wang and Hao Xu

Pangu 9 Internals. Tielei Wang and Hao Xu Pangu 9 Internals Tielei Wang and Hao Xu Team Pangu Agenda ios Security Overview Pangu 9 Overview Userland Exploits Kernel Patching in Kernel Patch Protections Persistent Code Signing Bypass Conclusion

More information

Heterogeneous Software Architecture with OpenAMP

Heterogeneous Software Architecture with OpenAMP Heterogeneous Software Architecture with OpenAMP Shaun Purvis, Xilinx Agenda Heterogeneous SoCs Linux and OpenAMP OpenAMP for HSA Heterogeneous SoCs A System-on-Chip that integrates multiple processor

More information

TURNING (PAGE) TABLES

TURNING (PAGE) TABLES TURNING (PAGE) TABLES BYPASSING ADVANCED KERNEL MITIGATIONS USING PAGE TABLES MANIPULATIONS BSidesLV 2018 ENSILO.COM ABOUT US Omri Misgav Security Research Team Leader @ ensilo Reverse Engineering, OS

More information

ReVirt: Enabling Intrusion Analysis through Virtual Machine Logging and Replay

ReVirt: Enabling Intrusion Analysis through Virtual Machine Logging and Replay ReVirt: Enabling Intrusion Analysis through Virtual Machine Logging and Replay Or We Can Remember It for You Wholesale (with apologies to Philip K. Dick) George Dunlap, Sam King, SukruCinar, MurtazaBasraiand

More information

Docker 101 Workshop. Eric Smalling - Solution Architect, Docker

Docker 101 Workshop. Eric Smalling - Solution Architect, Docker Docker 101 Workshop Eric Smalling - Solution Architect, Docker Inc. @ericsmalling Who Am I? Eric Smalling Solution Architect Docker Customer Success Team ~25 years in software development, architecture,

More information

Knut Omang Ifi/Oracle 20 Oct, Introduction to virtualization (Virtual machines) Aspects of network virtualization:

Knut Omang Ifi/Oracle 20 Oct, Introduction to virtualization (Virtual machines) Aspects of network virtualization: Software and hardware support for Network Virtualization part 2 Knut Omang Ifi/Oracle 20 Oct, 2015 32 Overview Introduction to virtualization (Virtual machines) Aspects of network virtualization: Virtual

More information

An Operating System Architecture for Future Information Appliances

An Operating System Architecture for Future Information Appliances An Operating System Architecture for Future Information Appliances Tatsuo Nakajima Hiroo Ishikawa Yuki Kinebuchi Midori Sugaya Sun Lei Alexandre Courbot Andrej van der Zee Aleksi Aalto Kwon Ki Duk Department

More information

BUD17-301: KVM/ARM Nested Virtualization. Christoffer Dall

BUD17-301: KVM/ARM Nested Virtualization. Christoffer Dall BUD17-301: KVM/ARM Nested Virtualization Christoffer Dall Nested Virtualization VM VM VM App App App App App VM App Hypervisor Hypervisor Hardware Terminology Nested VM VM Nested VM L2 App App App App

More information

System Wide Tracing User Need

System Wide Tracing User Need System Wide Tracing User Need dominique toupin ericsson com April 2010 About me Developer Tool Manager at Ericsson, helping Ericsson sites to develop better software efficiently Background

More information

Virtual Machine Monitors!

Virtual Machine Monitors! ISA 673 Operating Systems Security Virtual Machine Monitors! Angelos Stavrou, George Mason University! Virtual Machine Monitors 2! Virtual Machine Monitors (VMMs) are everywhere! Industry commitment! Software:

More information

CS330: Operating System and Lab. (Spring 2006) I/O Systems

CS330: Operating System and Lab. (Spring 2006) I/O Systems CS330: Operating System and Lab. (Spring 2006) I/O Systems Today s Topics Block device vs. Character device Direct I/O vs. Memory-mapped I/O Polling vs. Interrupts Programmed I/O vs. DMA Blocking vs. Non-blocking

More information

OS Security IV: Virtualization and Trusted Computing

OS Security IV: Virtualization and Trusted Computing 1 OS Security IV: Virtualization and Trusted Computing Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 More questions? 3 Virtual machine monitor +-----------+----------------+-------------+

More information

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo ETHICAL HACKING (CEH) CURRICULUM Introduction to Ethical Hacking What is Hacking? Who is a Hacker? Skills of a Hacker? Types of Hackers? What are the Ethics and Legality?? Who are at the risk of Hacking

More information

The Performance of µ-kernel-based Systems

The Performance of µ-kernel-based Systems Liedtke et al. presented by: Ryan O Connor October 7 th, 2009 Motivation By this time (1997) the OS research community had virtually abandoned research on pure µ-kernels. due primarily

More information

A+ Guide to Managing and Maintaining Your PC. How Hardware and Software Work Together

A+ Guide to Managing and Maintaining Your PC. How Hardware and Software Work Together A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 2 How Hardware and Software Work Together You Will Learn About operating systems, what they are, and what they do How an OS interfaces

More information

High Performance Computing and Programming, Lecture 3

High Performance Computing and Programming, Lecture 3 High Performance Computing and Programming, Lecture 3 Memory usage and some other things Ali Dorostkar Division of Scientific Computing, Department of Information Technology, Uppsala University, Sweden

More information

CptS 360 (System Programming) Unit 2: Introduction to UNIX and Linux

CptS 360 (System Programming) Unit 2: Introduction to UNIX and Linux CptS 360 (System Programming) Unit 2: Introduction to UNIX and Linux Bob Lewis School of Engineering and Applied Sciences Washington State University Spring, 2018 Motivation APIs have a history: Learn

More information

Operating system hardening

Operating system hardening Operating system Comp Sci 3600 Security Outline 1 2 3 4 5 6 What is OS? Hardening process that includes planning, ation, uration, update, and maintenance of the operating system and the key applications

More information

lpengfei Ding & Chenfu Bao lsecurity Researcher & Baidu X-Lab lfocused on Mobile, IoT and Linux kernel security

lpengfei Ding & Chenfu Bao lsecurity Researcher & Baidu X-Lab lfocused on Mobile, IoT and Linux kernel security lpengfei Ding & Chenfu Bao lsecurity Researcher & Developer @ Baidu X-Lab lfocused on Mobile, IoT and Linux kernel security l Introduction l Past Compat Vulnerabilities l Newly Identified Compat Vulnerabilities

More information

Push-button verification of Files Systems via Crash Refinement

Push-button verification of Files Systems via Crash Refinement Push-button verification of Files Systems via Crash Refinement Verification Primer Behavioral Specification and implementation are both programs Equivalence check proves the functional correctness Hoare

More information

Secure Programming Techniques

Secure Programming Techniques Secure Programming Techniques Meelis ROOS mroos@ut.ee Institute of Computer Science Tartu University spring 2014 Course outline Introduction General principles Code auditing C/C++ Web SQL Injection PHP

More information

Browser Security Guarantees through Formal Shim Verification

Browser Security Guarantees through Formal Shim Verification Browser Security Guarantees through Formal Shim Verification Dongseok Jang Zachary Tatlock Sorin Lerner UC San Diego Browsers: Critical Infrastructure Ubiquitous: many platforms, sensitive apps Vulnerable:

More information

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University Virtual Machines Jinkyu Jeong (jinkyu@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Today's Topics History and benefits of virtual machines Virtual machine technologies

More information

CSE Computer Security

CSE Computer Security CSE 543 - Computer Security Lecture 25 - Virtual machine security December 6, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ 1 Implementation and Results Experimental Platform Exact specification

More information

Overview of the OS. CS 450 : Operating Systems Michael Saelee

Overview of the OS. CS 450 : Operating Systems Michael Saelee Overview of the OS CS 450 : Operating Systems Michael Saelee 1 Agenda - what is an operating system? - what are its main responsibilities? - how does it achieve them? - how is an operating

More information

Virtual RDMA devices. Parav Pandit Emulex Corporation

Virtual RDMA devices. Parav Pandit Emulex Corporation Virtual RDMA devices Parav Pandit Emulex Corporation Overview Virtual devices SR-IOV devices Mapped physical devices to guest VM (Multi Channel) Para virtualized devices Software based virtual devices

More information

Ashish Gupta, Data JUET, Guna

Ashish Gupta, Data JUET, Guna Categories of data structures Data structures are categories in two classes 1. Linear data structure: - organized into sequential fashion - elements are attached one after another - easy to implement because

More information

The Remote Exploitation of Unaltered Passenger Vehicles Revisited. 20 th October 2016 Mark Pitchford, Technical Manager, EMEA

The Remote Exploitation of Unaltered Passenger Vehicles Revisited. 20 th October 2016 Mark Pitchford, Technical Manager, EMEA The Remote Exploitation of Unaltered Passenger Vehicles Revisited 20 th October 2016 Mark Pitchford, Technical Manager, EMEA Today s hot topic A few years ago, Lynx presentations at events such as this

More information

Motivation was to facilitate development of systems software, especially OS development.

Motivation was to facilitate development of systems software, especially OS development. A History Lesson C Basics 1 Development of language by Dennis Ritchie at Bell Labs culminated in the C language in 1972. Motivation was to facilitate development of systems software, especially OS development.

More information

Spectre, Meltdown, and the Impact of Security Vulnerabilities on your IT Environment. Orin Jeff Melnick

Spectre, Meltdown, and the Impact of Security Vulnerabilities on your IT Environment. Orin Jeff Melnick Spectre, Meltdown, and the Impact of Security Vulnerabilities on your IT Environment Orin Thomas @orinthomas Jeff Melnick Jeff.Melnick@Netwrix.com In this session Vulnerability types Spectre Meltdown Spectre

More information

Initial Evaluation of a User-Level Device Driver Framework

Initial Evaluation of a User-Level Device Driver Framework Initial Evaluation of a User-Level Device Driver Framework Stefan Götz Karlsruhe University Germany sgoetz@ira.uka.de Kevin Elphinstone National ICT Australia University of New South Wales kevine@cse.unsw.edu.au

More information