Hiding your wares: Transparently retrofitting memory confidentiality into legacy applications

Jamie Levy, Bilal Khan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Memory scanning is a common technique used by malicious programs to read and modify the memory of other programs. Guarding programs against such exploits requires memory encryption, which is presently achievable either by (i) re-writing software to make it encrypt sensitive memory contents, or (ii) employing hardware-based solutions. These approaches are complicated, costly, and present their own vulnerabilities. In this paper, we describe new secure software technology that enables users to transparently add memory encryption to their existing software, without requiring users to invest in costly encryption hardware or requiring programmers to undertake complicated software redesign/redeployment. The Memory Encryption and Transparent Aegis Library (METAL) functions as a shim library, allowing legacy applications to transparently enjoy an assurance of memory confidentiality and integrity. The proposed solution is tunable in terms of trade-offs between security and computational overhead. We describe the design of the library and evaluate its benefits and performance trade-offs.

Original languageEnglish (US)
Title of host publication2007 IEEE International Conference on Communications, ICC'07
Pages1368-1372
Number of pages5
DOIs
StatePublished - Dec 1 2007
Event2007 IEEE International Conference on Communications, ICC'07 - Glasgow, Scotland, United Kingdom
Duration: Jun 24 2007Jun 28 2007

Publication series

NameIEEE International Conference on Communications
ISSN (Print)0536-1486

Conference

Conference2007 IEEE International Conference on Communications, ICC'07
CountryUnited Kingdom
CityGlasgow, Scotland
Period6/24/076/28/07

Fingerprint

Retrofitting
Data storage equipment
Cryptography
Computer hardware
Shims
Scanning

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this

Levy, J., & Khan, B. (2007). Hiding your wares: Transparently retrofitting memory confidentiality into legacy applications. In 2007 IEEE International Conference on Communications, ICC'07 (pp. 1368-1372). [4288901] (IEEE International Conference on Communications). https://doi.org/10.1109/ICC.2007.230

Hiding your wares : Transparently retrofitting memory confidentiality into legacy applications. / Levy, Jamie; Khan, Bilal.

2007 IEEE International Conference on Communications, ICC'07. 2007. p. 1368-1372 4288901 (IEEE International Conference on Communications).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Levy, J & Khan, B 2007, Hiding your wares: Transparently retrofitting memory confidentiality into legacy applications. in 2007 IEEE International Conference on Communications, ICC'07., 4288901, IEEE International Conference on Communications, pp. 1368-1372, 2007 IEEE International Conference on Communications, ICC'07, Glasgow, Scotland, United Kingdom, 6/24/07. https://doi.org/10.1109/ICC.2007.230
Levy J, Khan B. Hiding your wares: Transparently retrofitting memory confidentiality into legacy applications. In 2007 IEEE International Conference on Communications, ICC'07. 2007. p. 1368-1372. 4288901. (IEEE International Conference on Communications). https://doi.org/10.1109/ICC.2007.230
Levy, Jamie ; Khan, Bilal. / Hiding your wares : Transparently retrofitting memory confidentiality into legacy applications. 2007 IEEE International Conference on Communications, ICC'07. 2007. pp. 1368-1372 (IEEE International Conference on Communications).
@inproceedings{5a47eb94d41541c3a4e3433026e57998,
title = "Hiding your wares: Transparently retrofitting memory confidentiality into legacy applications",
abstract = "Memory scanning is a common technique used by malicious programs to read and modify the memory of other programs. Guarding programs against such exploits requires memory encryption, which is presently achievable either by (i) re-writing software to make it encrypt sensitive memory contents, or (ii) employing hardware-based solutions. These approaches are complicated, costly, and present their own vulnerabilities. In this paper, we describe new secure software technology that enables users to transparently add memory encryption to their existing software, without requiring users to invest in costly encryption hardware or requiring programmers to undertake complicated software redesign/redeployment. The Memory Encryption and Transparent Aegis Library (METAL) functions as a shim library, allowing legacy applications to transparently enjoy an assurance of memory confidentiality and integrity. The proposed solution is tunable in terms of trade-offs between security and computational overhead. We describe the design of the library and evaluate its benefits and performance trade-offs.",
author = "Jamie Levy and Bilal Khan",
year = "2007",
month = "12",
day = "1",
doi = "10.1109/ICC.2007.230",
language = "English (US)",
isbn = "1424403537",
series = "IEEE International Conference on Communications",
pages = "1368--1372",
booktitle = "2007 IEEE International Conference on Communications, ICC'07",

}

TY - GEN

T1 - Hiding your wares

T2 - Transparently retrofitting memory confidentiality into legacy applications

AU - Levy, Jamie

AU - Khan, Bilal

PY - 2007/12/1

Y1 - 2007/12/1

N2 - Memory scanning is a common technique used by malicious programs to read and modify the memory of other programs. Guarding programs against such exploits requires memory encryption, which is presently achievable either by (i) re-writing software to make it encrypt sensitive memory contents, or (ii) employing hardware-based solutions. These approaches are complicated, costly, and present their own vulnerabilities. In this paper, we describe new secure software technology that enables users to transparently add memory encryption to their existing software, without requiring users to invest in costly encryption hardware or requiring programmers to undertake complicated software redesign/redeployment. The Memory Encryption and Transparent Aegis Library (METAL) functions as a shim library, allowing legacy applications to transparently enjoy an assurance of memory confidentiality and integrity. The proposed solution is tunable in terms of trade-offs between security and computational overhead. We describe the design of the library and evaluate its benefits and performance trade-offs.

AB - Memory scanning is a common technique used by malicious programs to read and modify the memory of other programs. Guarding programs against such exploits requires memory encryption, which is presently achievable either by (i) re-writing software to make it encrypt sensitive memory contents, or (ii) employing hardware-based solutions. These approaches are complicated, costly, and present their own vulnerabilities. In this paper, we describe new secure software technology that enables users to transparently add memory encryption to their existing software, without requiring users to invest in costly encryption hardware or requiring programmers to undertake complicated software redesign/redeployment. The Memory Encryption and Transparent Aegis Library (METAL) functions as a shim library, allowing legacy applications to transparently enjoy an assurance of memory confidentiality and integrity. The proposed solution is tunable in terms of trade-offs between security and computational overhead. We describe the design of the library and evaluate its benefits and performance trade-offs.

UR - http://www.scopus.com/inward/record.url?scp=38549108589&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38549108589&partnerID=8YFLogxK

U2 - 10.1109/ICC.2007.230

DO - 10.1109/ICC.2007.230

M3 - Conference contribution

AN - SCOPUS:38549108589

SN - 1424403537

SN - 9781424403530

T3 - IEEE International Conference on Communications

SP - 1368

EP - 1372

BT - 2007 IEEE International Conference on Communications, ICC'07

ER -