Information Flow Tracking for Linux Handling Concurrent System Calls and Shared Memory

Information flow tracking (IFT) is a fundamental computer security technique used to understand how information moves through a computing system. Hardware IFT techniques specifically target security vulnerabilities related to the design, verification, testing, manufacturing, and deployment of hardware circuits. Hardware IFT can detect unintentional design flaws, malicious circuit modifications, timing side channels, access control violations, and other insecure hardware behaviors. This article surveys the area of hardware IFT. We start with a discussion on the basics of IFT, whose foundations were introduced by Denning in the 1970s. Building upon this, we develop a taxonomy for hardware IFT. We use this to classify and differentiate hardware IFT tools and techniques. Finally, we discuss the challenges yet to be resolved. The survey shows that hardware IFT provides a powerful technique for identifying hardware security vulnerabilities, as well as verifying and enforcing hardware security properties.

Download Full-text

Towards a hardware-assisted information flow tracking ecosystem for ARM processors

2016 26th International Conference on Field Programmable Logic and Applications (FPL) ◽

10.1109/fpl.2016.7577396 ◽

2016 ◽

Author(s):

Muhammad Abdul Wahab ◽

Pascal Cotret ◽

Mounir Nasr Allah ◽

Guillaume Hiet ◽

Vianney Lapotre ◽

...

Keyword(s):

Information Flow ◽

Information Flow Tracking

Download Full-text

Complete information flow tracking from the gates up

Proceeding of the 14th international conference on Architectural support for programming languages and operating systems - ASPLOS '09 ◽

10.1145/1508244.1508258 ◽

2009 ◽

Cited By ~ 91

Author(s):

Mohit Tiwari ◽

Hassan M.G. Wassel ◽

Bita Mazloom ◽

Shashidhar Mysore ◽

Frederic T. Chong ◽

...

Keyword(s):

Information Flow ◽

Complete Information ◽

Information Flow Tracking

Download Full-text

Stochastic Dynamic Information Flow Tracking Game with Reinforcement Learning

Lecture Notes in Computer Science - Decision and Game Theory for Security ◽

10.1007/978-3-030-32430-8_25 ◽

2019 ◽

pp. 417-438

Author(s):

Dinuka Sahabandu ◽

Shana Moothedath ◽

Joey Allen ◽

Linda Bushnell ◽

Wenke Lee ◽

...

Keyword(s):

Reinforcement Learning ◽

Information Flow ◽

Stochastic Dynamic ◽

Dynamic Information ◽

Information Flow Tracking ◽

Dynamic Information Flow Tracking

Download Full-text

An Enhanced Dynamic Information Flow Tracking Method with Reverse Stack Execution

International Journal of Monitoring and Surveillance Technologies Research ◽

10.4018/ijmstr.2015010103 ◽

2015 ◽

Vol 3 (1) ◽

pp. 40-58 ◽

Cited By ~ 2

Author(s):

Anna Trikalinou ◽

Nikolaos Bourbakis

Keyword(s):

Programming Languages ◽

Information Flow ◽

Attack Detection ◽

Control Flow ◽

Security Issue ◽

Memory Errors ◽

Dynamic Information ◽

C Programs ◽

Information Flow Tracking ◽

Dynamic Information Flow Tracking

Memory errors have long been a critical security issue primarily for C/C++ programming languages and are still considered one of the top three most dangerous software errors according to the MITRE ranking. In this paper the authors focus on their exploitation via control-flow hijacking and data-only attacks (stack, and partially heap (G. Novarck & E. Berger, 2010)) by proposing a synergistic security methodology, which can accurately detect and thwart them. Their methodology is based on the Dynamic Information Flow Tracking (DIFT) technique and improves its data-only attack detection by utilizing features from the Reverse Stack Execution (RSE) security technique. Thus, the authors can significantly lower the resource consumption of the latter methodology, while increasing the former's accuracy. Their proof-of-concept compiler implementation verifies their assumptions and is able to protect vulnerable C programs against various real-world attack scenarios.

Download Full-text

Efficient dynamic information flow tracking on a processor with core debug interface

Proceedings of the 52nd Annual Design Automation Conference on - DAC '15 ◽

10.1145/2744769.2744830 ◽

2015 ◽

Cited By ~ 8

Author(s):

Jinyong Lee ◽

Ingoo Heo ◽

Yongje Lee ◽

Yunheung Paek

Keyword(s):

Information Flow ◽

Dynamic Information ◽

Information Flow Tracking ◽

Dynamic Information Flow Tracking

Download Full-text

Expanding Gate Level Information Flow Tracking for Multilevel Security

IEEE Embedded Systems Letters ◽

10.1109/les.2013.2261572 ◽

2013 ◽

Vol 5 (2) ◽

pp. 25-28 ◽

Cited By ~ 5

Author(s):

Wei Hu ◽

J. Oberg ◽

J. Barrientos ◽

Dejun Mu ◽

R. Kastner

Keyword(s):

Information Flow ◽

Multilevel Security ◽

Information Flow Tracking ◽

Level Information

Download Full-text

Data Secrecy Protection Through Information Flow Tracking in Proof-Carrying Hardware IP—Part II: Framework Automation

IEEE Transactions on Information Forensics and Security ◽

10.1109/tifs.2017.2707327 ◽

2017 ◽

Vol 12 (10) ◽

pp. 2430-2443 ◽

Cited By ~ 2

Author(s):

Mohammad-Mahdi Bidmeshki ◽

Xiaolong Guo ◽

Raj Gautam Dutta ◽

Yier Jin ◽

Yiorgos Makris

Keyword(s):

Information Flow ◽

Information Flow Tracking

Download Full-text

Generic Semantics Specification and Processing for Inter-System Information Flow Tracking

Computer and Network Security Essentials ◽

10.1007/978-3-319-58424-9_25 ◽

2017 ◽

pp. 445-460

Author(s):

Pascal Birnstill ◽

Christoph Bier ◽

Paul Wagner ◽

Jürgen Beyerer

Keyword(s):

Information Flow ◽

Information Flow Tracking ◽

System Information

Download Full-text

Interdomain I/O Optimization in Virtualized Sensor Networks

Sensors ◽

10.3390/s18124395 ◽

2018 ◽

Vol 18 (12) ◽

pp. 4395 ◽

Cited By ~ 15

Author(s):

Congfeng Jiang ◽

Tiantian Fan ◽

Yeliang Qiu ◽

Hongyuan Wu ◽

Jilin Zhang ◽

...

Keyword(s):

Sensor Networks ◽

Shared Memory ◽

Performance Optimization ◽

Virtual Machines ◽

Transmission Control Protocol ◽

Virtual Network ◽

Network Interface ◽

Communication Performance ◽

System Calls ◽

Interdomain Communication

In virtualized sensor networks, virtual machines (VMs) share the same hardware for sensing service consolidation and saving power. For those VMs that reside in the same hardware, frequent interdomain data transfers are invoked for data analytics, and sensor collaboration and actuation. Traditional ways of interdomain communications are based on virtual network interfaces of bilateral VMs for data sending and receiving. Since these network communications use TCP/IP (Transmission Control Protocol/Internet Protocol) stacks, they result in lengthy communication paths and frequent kernel interactions, which deteriorate the I/O (Input/Output) performance of involved VMs. In this paper, we propose an optimized interdomain communication approach based on shared memory to improve the interdomain communication performance of multiple VMs residing in the same sensor hardware. In our approach, the sending data are shared in memory pages maintained by the hypervisor, and the data are not transferred through the virtual network interface via a TCP/IP stack. To avoid security trapping, the shared data are mapped in the user space of each VM involved in the communication, therefore reducing tedious system calls and frequent kernel context switches. In implementation, the shared memory is created by a customized shared-device kernel module that has bidirectional event channels between both communicating VMs. For performance optimization, we use state flags in a circular buffer to reduce wait-and-notify operations and system calls during communications. Experimental results show that our proposed approach can provide five times higher throughput and 2.5 times less latency than traditional TCP/IP communication via a virtual network interface.

Download Full-text