Abstract
The rollback mechanism is critical in crash recovery and debugging, but its security problems have not been adequately addressed. This is justified by the fact that existing solutions always require modifications to the target software or only work for specific scenarios. As a consequence, rollback is either neglected, restricted, or prohibited in existing systems. In this paper, we systematically characterize the security threats of rollback as abnormal states of non-deterministic variables and resumed program points caused by rollback. Based on this, we propose RollSec (for Rollback Security), which provides general measurements, including state extracting, recording, and compensating, to maintain the correctness of these abnormal states and so eliminate rollback threats. RollSec can automatically extract these states as protection targets based on language-independent information about the software. The states are monitored at run-time and compensated to correct states on each rollback, without requiring extra modifications or support from specific architectures. Finally, we implement a prototype of RollSec to verify its effectiveness, and conduct performance evaluations which demonstrate that only acceptable overhead is introduced.
Acknowledgements
This work is supported by National Natural Science Foundation of China under Grant No. 61602200, National High-tech R&D Program of China (863 Program) under Grant No. 2015AA016001, and the Fundamental Research Funds for the Central Universities under Grant No. HUST2016YXMS087.
Author information
Authors and Affiliations
Services Computing Technology and System Lab, Cluster and Grid Computing Lab, Big Data Technology and System Lab, Huazhong University of Science and Technology, Wuhan, 430074, China
Weiqi Dai, Yukun Du, Hai Jin, Weizhong Qiang, Deqing Zou & Zhongze Liu
Department of Computer Science, University of Texas at San Antonio, San Antonio, TX, 78249, USA
Shouhuai Xu
Corresponding author
Correspondence to Weizhong Qiang.
About this article
Cite this article
Dai, W., Du, Y., Jin, H. et al. RollSec: Automatically Secure Software States Against General Rollback. Int J Parallel Prog 46, 788–805 (2018). https://doi.org/10.1007/s10766-017-0523-0