Transparent code authentication at the processor level

The authors present a lightweight authentication mechanism that verifies the authenticity of code and thereby addresses the virus and malicious code problems at the hardware level eliminating the need for trusted extensions in the operating system. The technique proposed tightly integrates the authentication mechanism into the processor core. The authentication latency is hidden behind the memory access latency, thereby allowing seamless on-the-fly authentication of instructions. In addition, the proposed authentication method supports seamless encryption of code (and static data). Consequently, while providing the software users with assurance for authenticity of programs executing on their hardware, the proposed technique also protects the software manufacturers’ intellectual property through encryption. The performance analysis shows that, under mild assumptions, the presented technique introduces negligible overhead for even moderate cache sizes

Distributed LTL Model Checking with Hash Compaction

AbstractWe extend a distributed-memory explicit-state LTL model checking algorithm (OWCTY) with hash compaction. We provide a detailed description of the improved algorithm and a correctness argument in the theoretical part of the paper. Additionally, we deliver an implementation of the algorithm as part of out parallel and distributed-memory model checker DiVinE, and use this implementation for a practical evaluation of the approach, on which we report in the experimental part of the paper

An Efficient Scheme to Provide Real-time Memory Integrity Protection

Memory integrity protection has been a longstanding issue in trusted system design. Most viruses and malware attack the system by modifying data that they are not authorized to access. With the development of the Internet, viruses and malware spread much faster than ever before. In this setting, protecting the memory becomes increasingly important. However, it is a hard problem to protect the dynamic memory. The data in the memory changes from time to time so that the schemes have to be fast enough to provide real-time protection while in the same time the schemes have to use slow crytographical functions to keep the security level. In this thesis, we propose a new fast authentication scheme for memory. As in previous proposals the scheme uses a Merkle tree to guarantee dynamic protection of memory. We use the universal hash function family NH for speed and couple it with an AES encryption in order to achieve a high level of security. The proposed scheme is much faster compared to similar schemes achieved by cryptographic hash functions such as SHA-1 due to the finer grain incremental hashing ability provided by NH. With a modified version of the proposed scheme, the system can access the data in memory without checking the integrity all the time and still keeps the same security level. This feature is mainly due to the incremental nature of NH. Moreover, we show that combining with caches and parallelism, we can achieve fast and simple software implementation

Muppet: MapReduce-Style Processing of Fast Data

MapReduce has emerged as a popular method to process big data. In the past few years, however, not just big data, but fast data has also exploded in volume and availability. Examples of such data include sensor data streams, the Twitter Firehose, and Facebook updates. Numerous applications must process fast data. Can we provide a MapReduce-style framework so that developers can quickly write such applications and execute them over a cluster of machines, to achieve low latency and high scalability? In this paper we report on our investigation of this question, as carried out at Kosmix and WalmartLabs. We describe MapUpdate, a framework like MapReduce, but specifically developed for fast data. We describe Muppet, our implementation of MapUpdate. Throughout the description we highlight the key challenges, argue why MapReduce is not well suited to address them, and briefly describe our current solutions. Finally, we describe our experience and lessons learned with Muppet, which has been used extensively at Kosmix and WalmartLabs to power a broad range of applications in social media and e-commerce.Comment: VLDB201