Repurposing Software Defenses with Specialized Hardware
Computer security has largely been the domain of software for the last few decades. Although this approach has been moderately successful during this period, its problems have started becoming more apparent recently because of one primary reason — performance. Software solutions typically exact a significant toll in terms of program slowdown, especially when applied to large, complex software. In the past, when chips became exponentially faster, this growing burden could be accommodated almost for free. But as Moore’s law winds down, security-related slowdowns become more apparent, increasingly intolerable, and subsequently abandoned. As a result, the community has started looking elsewhere for continued protection, as attacks continue to become progressively more sophisticated.
One way to mitigate this problem is to complement these defenses in hardware. Despite lacking the semantic perspective of high-level software, specialized hardware typically is not only faster, but also more energy-efficient. However, hardware vendors also have to factor in the cost of integrating security solutions from the perspective of effectiveness, longevity, and cost of development, while allaying the customer’s concerns of performance. As a result, although numerous hardware solutions have been proposed in the past, the fact that so few of them have actually transitioned into practice implies that they were unable to strike an optimal balance of the above qualities.
This dissertation proposes the thesis that it is possible to add hardware features that complement and improve program security, traditionally provided by software, without requiring extensive modifications to existing hardware microarchitecture. As such, it marries the collective concerns of not only users and software developers, who demand performant but secure products, but also that of hardware vendors, since implementation simplicity directly relates to reduction in time and cost of development and deployment. To support this thesis, this dissertation discusses two hardware security features aimed at securing program code and data separately and details their full system implementations, and a study of a negative result where the design was deemed practically infeasible, given its high implementation complexity.
Firstly, the dissertation discusses code protection by reviving instruction set randomization (ISR), an idea originally proposed for countering code injection and considered impractical in the face of modern attack vectors that employ reuse of existing program code (also known as code reuse attacks). With Polyglot, we introduce ISR with strong AES encryption along with basic code randomization that disallows code decryption at runtime, thus countering most forms of state-of-the-art dynamic code reuse attacks, that read the code at runtime prior to building the code reuse payload. Through various optimizations and corner case workarounds, we show how Polyglot enables code execution with minimal hardware changes while maintaining a small attack surface and incurring nominal overheads even when the code is strongly encrypted in the binary and memory.
Next, the dissertation presents REST, a hardware primitive that allows programs to mark memory regions invalid for regular memory accesses. This is achieved simply by storing a large, pre-determined random value at those locations with a special store instruction and then, detecting incoming values at the data cache for matches to the predetermined value. Subsequently, we show how this primitive can be used to protect data from common forms of spatial and temporal memory safety attacks. Notably, because of the simplicity of the primitive, REST requires trivial microarchitectural modifications and hence, is easy to implement, and exhibits negligible performance overheads. Additionally, we demonstrate how it is able to provide practical heap safety even for legacy binaries.
For the above proposals, we also detail their hardware implementations on FPGAs, and discuss how each fits within a complete multiprocess system. This serves to give the reader an idea of usage and deployment challenges on a broader scale that goes beyond just the technique’s effectiveness within the context of a single program.
Lastly, the dissertation discusses an alternative to the virtual address space, that randomizes the sequence of addresses in a manner invisible to even the program, thus achieving transparent randomization of the entire address space at a very fine granularity. The biggest challenge is to achieve this with minimal microarchitectural changes while accommodating linear data structures in the program (e.g., arrays, structs), both of which are fundamentally based on a linear address space. As a result, this modified address space subsumes the benefits of most other spatial randomization schemes, with the additional benefit of ideally making traversal from one data structure to another impossible. Our study of this idea concludes that although valuable, current memory safety techniques are cheaper to implement and secure enough, so that there are no perceivable use cases for this model of address space safety
OO-IP hybrid language design and a framework approach to the GIPC
Intensional Programming is a declarative programming paradigm in which expressions are evaluated in an inherently multidimensional context space. The Lucid family of programming languages is, to this day, the only programming languages of true intensional nature. Lucid being a functional language, Lucid programs are inherently parallel and their parallelism can be efficiently exploited by the adjunction of a procedural language to increase the granularity of its parallelism, forming hybrid Lucid languages. That very wide array of possibilities raises the need for an extremely flexible programming language investigation platform to investigate on this plethora of possibilities for Intensional Programming. That is the purpose of the General Intensional Programming System (GIPSY), especially, the General Intensional Programming Compiler (GIPC) component. The modularity, reusability and extensibility aspects of the framework approach make it an obvious candidate for the development of the GIPC. The framework presented in this thesis provides a better solution compared to all other techniques used to this day to implement the different variants of intensional programming. Because of the functionality of hybrid programming support in the GIPC framework, a new OO-IP hybrid language is designed for further research. This new hybrid language combines the essential characteristics of IPL and Java, and introduces the notion of object streams which makes it possible that each element in an IPL stream could be an object with embedded intensional properties. Interestingly, this hybrid language also brings to Java objects the power which can explicitly express context, creating the novel concept of intensional objects, i.e. objects whose evaluation is context-dependent, which are therein demonstrated to be translatable into standard objects. By this new feature, we extend the use and meaning of the notion of object and enrich the meaning of stream in IPL and semantics of Java.
At the same time, during the procedure to introduce intensional objects and this OO-IP hybrid language, many factors are considered. These factors include how to integrate the new language with the GIPC framework design and the issues related to its integration in the current GIPSY implementation. Current semantic rules show that the new language can work well with the GIPC framework and the GIPSY implementation, which is another proof of the validity of our GIPC framework design. Ultimately, the proposed design is put into implementation in the GIPSY and the implementation put to test using programs from different application domains written in this new OO-IP language
A middleware for service oriented computing in dynamic environments
Dissertation presented at the Faculdade de Ciências e Tecnologia of the Universidade Nova de Lisboa for the award of the degree of Master in Informatics Engineering.
The last years have witnessed a convergence on the SOA paradigm from industrial
processes enterprises (like logistics or manufacturing), using standards for data and
communication. SOA promotes reusability, interoperability and loose-coupling of applications.
The convergence towards SOA shows that we are leading to an infrastructure composed
by several heterogeneous devices, the "Internet of Things". In this infrastructure
everything can be abstracted as a service, such as household appliances, mobile devices,
or industrial machinery. It is expected that this trend will continue, and as these
devices interoperate in service composition, new functionalities may be discovered.
Existing approaches for service composition, namely in business processes, are too
bound to BPEL. Several alternatives and extensions of BPEL have been developed, but
they feel more like patches than solutions. In this context, the SeDeUse [29] model has
been proposed as an exercise to define new language constructs promoting a separation
from service awareness and use. The model also relies on a middleware layer to
support the execution of the application in dynamic environments.
The goal of this dissertation is to instantiate the SeDeUse model in a widely used programming language in order to provide a framework for its assessment and for its future development. The work consists of implementing a concrete syntax for the model, a compilation process, and a middleware layer. The syntax contains the new
language constructs that are integrated in the hosting language. The compilation process
is responsible for service definition and code generation. Finally, the middleware
acts as a support for the application (generated code) requests.
We have seamlessly integrated SeDeUse in the Java programming language and developed a functional prototype. To assess the prototype capability, three scenarios were developed in which we demonstrated that our implementation provides a new, and simpler, approach for abstracting resources as services
Voice Onset Time Enhanced User System (VOTEUS): a web graphic interface for the analysis of plosives’ release phases
The paper proposes an up-to-date literature review of the works using AutoVOT, a discriminative large-margin learning algorithm developed for the semi-automatic measurement of voice onset times. In order to expand the accessibility of the tool in linguistic research, we present VOTEUS, a user-friendly graphic interface written in Python. The interface is conceived to assist the researcher throughout the whole process of annotation, from the forced alignment of the corpora to the refinement of the AutoVOT tier and the extraction of the durations. The general aim is to speed up this phase of data analysis, providing a significant improvement on prevalent practice to date
SylvaDB: A Polyglot and Multi-backend Graph Database Management System
This paper presents SylvaDB, a graph database management system designed to be used by people with no technical knowledge. SylvaDB is based on flexible schema definitions and has been developed taking into account the need to deal with semantic information. It relies on the mathematical notion of property graph. SylvaDB is an open source project and aims at lowering the barrier of adoption for anyone using graph databases. At the same time, it is robust and scalable enough to support collaborative large projects related to knowledge management, document archiving, and research
Radio Broadcasting in Europe: the Search for a Common Digital Future
Europe’s radio is also characterised by a long history of being defined and driven by the state, in highly centralized fashion in the case of countries such as France (Meadel 1994), or indeed in former totalitarian regimes of Eastern Europe (Paulu 1974), and along more federal or devolved lines in countries such as Germany, Switzerland and the Netherlands (Kuhn 1985). The development of state broadcasting monopolies in most European countries, established in the early years of the twentieth century following the invention of sound broadcasting, has ensured that there is an enduring shared common ideological approach to radio broadcasting, which now finds expression in the field of digital radio policy
Consumer Life Cycle and Profiling: A Data Mining Perspective
With the development of technology and the continuous increase of market demand, the concept to produce better merchandises is generated in the companies. Each customer wants an individual approach or exclusive product, which creates the concept: “one customer one product.” The implementation of the one-to-one approach in the current days is the main exciting task of companies. Millions of customers lead to millions of exclusive products from the manufacturers’ views. It is the primary step to study the needs of customers in the market economy. The main task for a company is to know the customer and to provide their desired products and services. In order to get knowledge ahead of the customers’ wishes, a system of profiling potential customers is created accordingly. This chapter provides the review of the customer lifetime from the reach customer (claim future customer’s attention) to the loyalty customer (turn a customer into a company advocate). During the discussion about the customer lifetime, readers will get acquainted with such technologies as funnel analysis, data management platform, customer profiling, customer behavior analysis, and others. The listed technologies in a complex will be created as the one-to-one product or service with a high Return on Investment (ROI)