检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:Xiayang Wang Fuqian Huang Haibo Chen
机构地区:[1]Shanghai Jiao Tong University,Shanghai Shi,China
出 处:《Cybersecurity》2018年第1期298-312,共15页网络空间安全科学与技术(英文)
基 金:supported in part by National Key Research and Development Program of China;a research grant from Huawei Technologies,Inc.
摘 要:Recently released Intel processors have been equipped with hardware instruction tracing facilities to securely and efficiently record the program execution path.In this paper,we study a case for data integrity checking based on Intel Processor Trace(Intel PT),the instruction tracing facility on x86 processors.We incorporate software instrumentation and hardware instruction tracing to guarantee fine-grained data integrity without frequently switching the processor mode.We incorporate the idea in a system named DTrace which provides primitives to instruct Intel PT to capture the data load and store events,even current Intel PT implementations only record control transfers.The trace is analyzed before the program makes security-sensitive operations.We apply DTrace in several case studies to show that the primitives that DTrace provides are easy to use and help to enhance data integrity in applications.We further evaluate DTrace with several microbenchmarks to show the time cost that DTrace’s data tracing operation incurs.We also evaluate DTrace on Nginx to show the performance impact when Nginx is enhanced in security to provide the integrity during the runtime execution for programmer-defined security sensitive data.We find the performance overhead that DTrace incurs for the data tracing is moderate.
关 键 词:Data integrity checking Hardware instruction tracing
分 类 号:TP3[自动化与计算机技术—计算机科学与技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.49