Programming Languages Lunch - Mohit Tiwari, UT ECE, "Hardware support for systems security"

Contact Name: 
John Thywissen
Location: 
GDC 6.302
Date: 
Apr 29, 2014 12:00pm - 1:00pm

Talk Audience: UTCS Faculty, Grads, Undergrads, Other Interested Parties

 

Talk Abstract: Applications today span mobile devices and datacenters and spread fast and wide through app-stores.  This opens up new vulnerabilities -- mobile malware spreads through repackaged applications in app-stores, while malicious datacenter employees can get physical access to computation. In this talk, I will describe our proposed defenses for each of these two vulnerabilities.  

Mobile malware rarely requires exploits and instead spreads through repackaged applications that abuse arcane permissions. In response, we propose HaCS -- hardware computational signals -- as a new method to detect mobile malware. HaCS first uses run-time information about a program's instruction stream and its micro-architectural effects to construct a model of the benign program's execution, and then identifies malware as a computational anomaly. We evaluate HaCS using apps driven by real users for over one hour each and by repackaging each app with computationally diverse off-the-shelf as well as synthetic malware payloads.  Our preliminary results indicate that benign apps do have robust signatures and that HaCS forces malicious payloads to slow down considerably to avoid detection. 

On the datacenter side, we introduce Phantom, a new secure processor that obfuscates its memory access trace. To an adversary who can observe the processor's output pins -- through a fake DRAM module, for example --  all memory access traces are computationally indistinguishable (a property known as obliviousness). Phantom's oblivious memory controller scales well with available memory bandwidth, and when implemented on an FPGA-server with only 150MHz logic driving 80GBps of peak memory bandwidth, reduces ORAM's 200X bandwidth overhead to a 20X latency cost per memory access. Our current work integrates Phantom with a compiler that explicitly manages a memory system comprising of oblivious and encrypted-only memory banks.

Speaker Bio: Mohit Tiwari is an Assistant Professor in ECE at UT Austin, researching computer architecture and security problems. http://users.ece.utexas.edu/~tiwari/