Computer security is very important to all of us, as businesses and governments rely on computers and the Internet to do everything from the power grid, medical and water systems. It is being infringed more and more. Last month’s security hacks included a breach of the Colonial Pipeline and a JBS Foods ransomware attack in which a hacker hijacked an organization’s computer system and demanded payment to unlock it and release it to its owner. The White House takes the ransomware threat seriously and urges businesses to update their systems to protect themselves. But these attacks continue to threaten us all almost every day.
Researchers at Columbia Engineering, a leader in computer security, make computer systems more secure at the International Symposium on Computer Architecture (ISCA), the premier forum for new ideas and findings in computer architecture2. I recently published two major papers. This new study, which has little or no impact on system performance, has already been used to create Air Force Research Laboratory processors.
“Memory safety has been a problem for nearly 40 years and many solutions have been proposed. Memory safety continues to be a problem because it does not evenly distribute the burden between software engineers and end users. I think it will be, “said Simha. Sethumadhavan, an associate professor of computer science, focuses on how to use computer architecture to improve the security of your computer. “With these two treatises, we believe we have found the right balance of burden.”
Computer security has been a long-standing issue, and many of the proposed systems work in a research environment, but not in real-world situations. Sethumadhavan believes that the way to protect your system is to start with the hardware and then the software. The urgency of his research is that he has received significant grants from both the Navy Research Department and the U.S. Air Force, and PhD students are receiving Qualcomm Innovation Fellowships to create practical security solutions. It is emphasized by the fact.
Sethumadhavan’s group has noticed that most security issues occur in computer memory, especially in pointers. Pointers are used to manage memory, which can lead to memory corruption and open the system to hackers who hijack programs. Current technologies for mitigating memory attacks consume a lot of energy and can destroy software. These methods also have a significant impact on system performance. Your phone’s battery drains quickly, apps run slowly, and your computer crashes.
The team set out to address these issues and created a security solution that protects memory without impacting system performance. They call the new memory security solution ZeRØ: a restoring operation with zero overhead under pointer integrity attacks.
ZeRO Overview Video- https://www.youtube.com/watch?v=yoQ4HaQ0Bzc
ZeRO has a set of memory instructions and a metadata encoding scheme that protects system code and data pointers. This combination eliminates performance overhead. It does not affect the speed of the system. ZeRO requires minor changes to the system architecture and can be easily added to modern processors. Of particular importance is that ZeRO can perform all of these functions and avoid system crashes, even under attack.
“Zero provides free memory security and is a perfect complement to systems that mitigate memory attacks,” said Mohammed Tarek, a fourth-year PhD student and co-author of the study. “The key to widespread adoption of security technology is poor performance overhead and convenience.”
A second paper by the Sethumadhavan team, No-FAT: Architectural support for low-overhead memory safety checks is a system that accelerates security checks with only a small (8%) impact on computer performance. 10 times faster. Current software technology for detecting memory errors. The name is, as the ad says, a reference to fat-free milk that “has all the goodness of milk with less calories.”
Fat-free overview video- https://www.youtube.com/watch?v=XDGaYZioJBQ
No-FAT accelerates fuzz testing, which is a type of automated software testing method, and it is very easy for developers to add fuzz testing when building a system. This technique builds on the software’s recent trend of binning memory allocators, using buckets of various sizes to store memory until the software needs it. Researchers have found that using binning memory allocation in software can provide memory security with little impact on performance and is compatible with existing software.
Both ZeRO and No-Fat aim to enhance memory systems to increase their resistance to attacks with little or no impact on the speed or power consumption of computer systems. The bonus is that on both systems, the programmer needs to do almost nothing to enhance the program. These ideas may change the way memory safety features are currently supported by processors.
“No-FAT and ZeRO are two major steps in ending a long-standing problem,” said Miguel Arroyo PhD’21, co-author of the treatise. “Memory safety attacks have cost the cyber community millions of dollars. Now we can avoid them and keep everyone’s data safe. This is a win-win!”
Publication: Both treatises were presented at the International Symposium on Computer Architecture (ISCA) held on June 16, 2021.
“No-FAT: Architecture Support for Low Overhead Memory Safety Checks”
The authors are: MohamedTarekIbnZiad, Miguel A. Arroyo, Evgeny Manzhosov, Ryan Piersma, and Simha Sethumadhavan Computer Science Division Colombian Engineering
This study was supported by the Air Force Contract FA8750-20-C-0210, unlimited gifts from Bloomberg, and the Qualcomm Innovation Fellowship.
“ZeRØ: Restoring operation with zero overhead under pointer integrity attack”
The authors are: MohamedTarekIbnZiad, Miguel A. Arroyo, Evgeny Manzhosov, and Simha Sethumadhavan Faculty of Computer Science, Colombian Engineering
This study was partially supported by gifts from FA8750-20-C-0210, Qualcomm Innovation Fellowship, and Bloomberg.
Make your computer safer-ScienceDaily
Source link Make your computer safer-ScienceDaily