Minos: Control data attack prevention orthogonal to memory model

Jedidiah R. Crandall, Frederic T. Chong

Research output: Chapter in Book/Report/Conference proceedingConference contribution

251 Scopus citations

Abstract

We introduce Minos, a microarchitecture that implements Biba's low-water-mark integrity policy on individual words of data. Minos stops attacks that corrupt control data to hijack program control flow but is orthogonal to the memory model. Control data is any data which is loaded into the program counter on control flow transfer, or any data used to calculate such data. The key is that Minos tracks the integrity of all data, but protects control flow by checking this integrity when a program uses the data for control transfer. Existing policies, in contrast, need to differentiate between control and non-control data a priori, a task made impossible by coercions between pointers and other data types such as integers in the C language. Our implementation of Minos for Red Hat Linux 6.2 on a Pentium-based emulator is a stable, usable Linux system on the network on which we are currently running a web server [3]. Our emulated Minos systems running Linux and Windows have stopped several actual attacks. We present a microarchitectural implementation of Minos that achieves negligible impact on cycle time with a small investment in die area, and minor changes to the Linux kernel to handle the tag bits and perform virtual memory swapping.

Original languageEnglish (US)
Title of host publicationProceedings of the 37th Annual International Symposium on Microarchitecture, MICRO-37 2004
Pages221-232
Number of pages12
DOIs
StatePublished - 2004
Externally publishedYes
Event37th International Symposium on Microarchitecture - MICRO-37 2004 - Portland, OR, United States
Duration: Dec 4 2004Dec 8 2004

Publication series

NameProceedings of the Annual International Symposium on Microarchitecture, MICRO
ISSN (Print)1072-4451

Conference

Conference37th International Symposium on Microarchitecture - MICRO-37 2004
Country/TerritoryUnited States
CityPortland, OR
Period12/4/0412/8/04

ASJC Scopus subject areas

  • General Engineering

Fingerprint

Dive into the research topics of 'Minos: Control data attack prevention orthogonal to memory model'. Together they form a unique fingerprint.

Cite this