OS-level Attacks and Defenses: from Software to Hardware-based Exploits

Run-time attacks have plagued computer systems for more than three decades, with control-flow hijacking attacks such as return-oriented programming representing the long-standing state-of-the-art in memory-corruption based exploits. These attacks exploit memory-corruption vulnerabilities in widely deployed software, e.g., through malicious inputs, to gain full control over the platform remotely at run time, and many defenses have been proposed and thoroughly studied in the past. Among those defenses, control-flow integrity emerged as a powerful and effective protection against code-reuse attacks in practice. As a result, we now start to see attackers shifting their focus towards novel techniques through a number of increasingly sophisticated attacks that combine software and hardware vulnerabilities to construct successful exploits. These emerging attacks have a high impact on computer security, since they completely bypass existing defenses that assume either hardware or software adversaries. For instance, they leverage physical effects to provoke hardware faults or force the system into transient micro-architectural states. This enables adversaries to exploit hardware vulnerabilities from software without requiring physical presence or software bugs. In this dissertation, we explore the real-world threat of hardware and software-based run-time attacks against operating systems. While memory-corruption-based exploits have been studied for more than three decades, we show that data-only attacks can completely bypass state-of-the-art defenses such as Control-Flow Integrity which are also deployed in practice. Additionally, hardware vulnerabilities such as Rowhammer, CLKScrew, and Meltdown enable sophisticated adversaries to exploit the system remotely at run time without requiring any memory-corruption vulnerabilities in the system’s software. We develop novel design strategies to defend the OS against hardware-based attacks such as Rowhammer and Meltdown to tackle the limitations of existing defenses. First, we present two novel data-only attacks that completely break current code-reuse defenses deployed in real-world software and propose a randomization-based defense against such data-only attacks in the kernel. Second, we introduce a compiler-based framework to automatically uncover memory-corruption vulnerabilities in real-world kernel code. Third, we demonstrate the threat of Rowhammer-based attacks in security-sensitive applications and how to enable a partitioning policy in the system’s physical memory allocator to effectively and efficiently defend against such attacks. We demonstrate feasibility and real-world performance through our prototype for the popular and widely used Linux kernel. Finally, we develop a side-channel defense to eliminate Meltdown-style cache attacks by strictly isolating the address space of kernel and user memory

Layered Security Solutions Over Dependency Within Any Layer

Considering the advancement of computer systems and security solutions available in today\u27s constantly changing world, there are various philosophies as to what is required (or adequate) in order to protect a system. This investigative study proposed to explore a possible problem with employing a layered security solution\ over dependence or reliance on any layer. A risk analysis was performed to determine where over dependence or reliance could happen and what could be done to prevent this. Various reviews and other findings online were researched and the data compiled using a qualitative methodology. Lastly, a recommendation is made on what is needed to prevent this problem from happening and what can be learned from this

Freedom to Hack

Swaths of personal and nonpersonal information collected online about internet users are increasingly being used in sophisticated ways to manipulate them based on that information. This represents a new trend in the exploitation of data, where instead of pursuing direct financial gain based on the face value of the data, actors are seeking to engage in data analytics using advanced artificial intelligence technologies that would allow them to more easily access individuals’ cognition and future behavior. Although in recent years the concept of online manipulation has received some academic and policy attention, the desirable relationship between the data-breach law and online manipulation is not yet well-appreciated. In other words, regulators and courts are yet to realize the power of existing legal mechanisms pertaining to data breaches in mitigating the harm of online manipulation. This Article provides an account of this relationship, by looking at online manipulation achieved through psychographic profiling. It submits that the volume, efficacy, and sophistication of present online manipulation techniques pose a considerable and immediate danger to autonomy, privacy, and democracy. Internet actors, political entities, and foreign adversaries fastidiously study the personality traits and vulnerabilities of potential voters and, increasingly, target each such voter with an individually tailored stream of information or misinformation with the intent of exploiting the weaknesses of these individuals. While new norms and regulations will have to be enacted at a certain point to address the problem of manipulation, data-breach law could provide a much-needed backdrop for the challenges presented by online manipulation, while alleviating the sense of lawlessness engulfing current misuses of personal and nonpersonal data. At the heart of this Article is the inquiry of data-breach law’s ability to recognize the full breadth of potential misuse of breached personal information, which today includes manipulation for political purposes. At present, data-breach jurisprudence does very little to recognize its evolving role in regulating misuses of personal information by unauthorized parties. It is a jurisprudence that is partially based on a narrow approach that seeks to remedy materialized harm in the context of identity theft or fraud. This approach contravenes the purpose of data-breach law – to protect individuals from the externalities of certain cyber risks by bridging informational asymmetries between corporations and consumers. This Article develops the theoretical connection between data-breach law and online manipulation, providing for a meaningful regulatory solution that is not currently used to its full extent