Your search keyword '"Oleksenko, Oleksii"' showing total 10 results

1. Maintaining Security in the Era of Microarchitectural Attacks

Author

Oleksenko, Oleksii, Fetzer, Christof, Bos, Herbert, and Technische Universität Dresden

Subjects

information security, microarchitectural security, speculative execution, side channel, side-channel attack, microarchitectural defence, computer architecture, spectre, ComputerApplications_COMPUTERSINOTHERSYSTEMS, ddc:004, Informationssicherheit, mikroarchitektonische Sicherheit, spekulative Ausführung, Seitenkanal, Seitenkanalangriff, mikroarchitektonische Verteidigung, Computerarchitektur, Spectre

Abstract

Shared microarchitectural state is a target for side-channel attacks that leverage timing measurements to leak information across security domains. These attacks are further enhanced by speculative execution, which transiently distorts the control and data flow of applications, and by untrusted environments, where the attacker may have complete control over the victim program. Under these conditions, microarchitectural attacks can bypass software isolation mechanisms, and hence they threaten the security of virtually any application running in a shared environment. Numerous approaches have been proposed to defend against microarchitectural attacks, but we lack the means to test them and ensure their effectiveness. The users cannot test them manually because the effects of the defences are not visible to software. Testing the defences by attempting attacks is also suboptimal because the attacks are inherently unstable, and a failed attack is not always an indicator of a successful defence. Moreover, some classes of defences can be disabled at runtime. Hence, we need automated tools that would check the effectiveness of defences, both at design time and at runtime. Yet, as it is common in security, the existing solutions lag behind the developments in attacks. In this thesis, we propose three techniques that check the effectiveness of defences against modern microarchitectural attacks. Revizor is an approach to automatically detect microarchitectural information leakage in commercial black-box CPUs. SpecFuzz is a technique for dynamic testing of applications to find instances of speculative vulnerabilities. Varys is an approach to runtime monitoring of system defences against microarchitectural attacks. We show that with these techniques, we can successfully detect microarchitectural vulnerabilities in hardware and flaws in defences against them; find unpatched instances of speculative vulnerabilities in software; and detect attempts to invalidate system defences.

Published

2021

2. SpecFuzz: Bringing Spectre-type vulnerabilities to the surface

Author

Oleksenko, Oleksii, Trach, Bohdan, Silberstein, Mark, and Fetzer, Christof

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

SpecFuzz is the first tool that enables dynamic testing for speculative execution vulnerabilities (e.g., Spectre). The key is a novel concept of speculation exposure: The program is instrumented to simulate speculative execution in software by forcefully executing the code paths that could be triggered due to mispredictions, thereby making the speculative memory accesses visible to integrity checkers (e.g., AddressSanitizer). Combined with the conventional fuzzing techniques, speculation exposure enables more precise identification of potential vulnerabilities compared to state-of-the-art static analyzers. Our prototype for detecting Spectre V1 vulnerabilities successfully identifies all known variations of Spectre V1 and decreases the mitigation overheads across the evaluated applications, reducing the amount of instrumented branches by up to 77% given a sufficient test coverage., To appear in USENIX Security Symposium (2020)

Published

2019

3. Intel MPX Explained: An Empirical Study of Intel MPX and Software-based Bounds Checking Approaches

Author

Oleksenko, Oleksii, Kuvaiskii, Dmitrii, Bhatotia, Pramod, Felber, Pascal, and Fetzer, Christof

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Memory-safety violations are a prevalent cause of both reliability and security vulnerabilities in systems software written in unsafe languages like C/C++. Unfortunately, all the existing software-based solutions to this problem exhibit high performance overheads preventing them from wide adoption in production runs. To address this issue, Intel recently released a new ISA extension - Memory Protection Extensions (Intel MPX), a hardware-assisted full-stack solution to protect against memory safety violations. In this work, we perform an exhaustive study of the Intel MPX architecture to understand its advantages and caveats. We base our study along three dimensions: (a) performance overheads, (b) security guarantees, and (c) usability issues. To put our results in perspective, we compare Intel MPX with three prominent software-based approaches: (1) trip-wire - AddressSanitizer, (2) object-based - SAFECode, and (3) pointer-based - SoftBound. Our main conclusion is that Intel MPX is a promising technique that is not yet practical for widespread adoption. Intel MPX's performance overheads are still high (roughly 50% on average), and the supporting infrastructure has bugs which may cause compilation or runtime errors. Moreover, we showcase the design limitations of Intel MPX: it cannot detect temporal errors, may have false positives and false negatives in multithreaded code, and its restrictions on memory layout require substantial code changes for some programs.

Published

2017

4. Efficient Fault Tolerance using Intel MPX and TSX

Author

Oleksenko, Oleksii, Kuvaiskii, Dmitrii, Bhatotia, Pramod, Fetzer, Christof, Felber, Pascal, Technische Universität Dresden = Dresden University of Technology (TU Dresden), Université de Neuchâtel (UNINE), Matthieu Roy, Javier Alonso Lopez, Antonio Casimiro, and Roy, Matthieu

Subjects

[INFO.INFO-DC] Computer Science [cs]/Distributed, Parallel, and Cluster Computing [cs.DC], [INFO.INFO-DC]Computer Science [cs]/Distributed, Parallel, and Cluster Computing [cs.DC]

Abstract

International audience; Hardware faults can cause data corruptions during computation, and they are especially harmful if these corruptions happen in data pointers. Existing solutions, however, incur high performance overheads, which is unacceptable for compute-intensive applications. In this work, we present an efficient fault-tolerance approach against hardware faults by exploiting the new extensions to the x86 architecture. In particular, we propose that Intel MPX can be effectively used to detect faults in data pointers, while Intel TSX can provide roll-back recovery against these corruptions. Our preliminary evaluation supports this hypothesis, and we estimate the average overhead to be roughly around 50%.

Published

2016

5. Elzar: Triple Modular Redundancy using Intel Advanced Vector Extensions (technical report)

Author

Kuvaiskii, Dmitrii, Oleksenko, Oleksii, Bhatotia, Pramod, Felber, Pascal, and Fetzer, Christof

Subjects

FOS: Computer and information sciences, Computer Science - Distributed, Parallel, and Cluster Computing, Distributed, Parallel, and Cluster Computing (cs.DC)

Abstract

Instruction-Level Redundancy (ILR) is a well-known approach to tolerate transient CPU faults. It replicates instructions in a program and inserts periodic checks to detect and correct CPU faults using majority voting, which essentially requires three copies of each instruction and leads to high performance overheads. As SIMD technology can operate simultaneously on several copies of the data, it appears to be a good candidate for decreasing these overheads. To verify this hypothesis, we propose Elzar, a compiler framework that transforms unmodified multithreaded applications to support triple modular redundancy using Intel AVX extensions for vectorization. Our experience with several benchmark suites and real-world case-studies yields mixed results: while SIMD may be beneficial for some workloads, e.g., CPU-intensive ones with many floating-point operations, it exhibits higher overhead than ILR in many applications we tested. We study the sources of overheads and discuss possible improvements to Intel AVX that would lead to better performance., Short version of this report appeared in the 46th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'2016) under the title "ELZAR: Triple Modular Redundancy using Intel Advanced Vector Extensions (practical experience report)"

Published

2016

6. ELZAR: Triple Modular Redundancy using Intel Advanced Vector Extensions Technical Report

Author

Kuvaiskii, Dmitrii, Oleksenko, Oleksii, Bhatotia, Pramod, Felber, Pascal, and Fetzer, Christof

Published

2016

7. SIMD-Swift: Improving Performance of Swift Fault Detection

Author

Oleksenko, Oleksii, Fetzer, Christof, Kuvaiskii, Dmitrii, and Technische Universität Dresden

Subjects

SIMD SSE Fault-Tolerance, ddc:004

Abstract

The general tendency in modern hardware is an increase in fault rates, which is caused by the decreased operation voltages and feature sizes. Previously, the issue of hardware faults was mainly approached only in high-availability enterprise servers and in safety-critical applications, such as transport or aerospace domains. These fields generally have very tight requirements, but also higher budgets. However, as fault rates are increasing, fault tolerance solutions are starting to be also required in applications that have much smaller profit margins. This brings to the front the idea of software-implemented hardware fault tolerance, that is, the ability to detect and tolerate hardware faults using software-based techniques in commodity CPUs, which allows to get resilience almost for free. Current solutions, however, are lacking in performance, even though they show quite good fault tolerance results. This thesis explores the idea of using the Single Instruction Multiple Data (SIMD) technology for executing all program\'s operations on two copies of the same data. This idea is based on the observation that SIMD is ubiquitous in modern CPUs and is usually an underutilized resource. It allows us to detect bit-flips in hardware by a simple comparison of two copies under the assumption that only one copy is affected by a fault. We implemented this idea as a source-to-source compiler which performs hardening of a program on the source code level. The evaluation of our several implementations shows that it is beneficial to use it for applications that are dominated by arithmetic or logical operations, but those that have more control-flow or memory operations are actually performing better with the regular instruction replication. For example, we managed to get only 15% performance overhead on Fast Fourier Transformation benchmark, which is dominated by arithmetic instructions, but memory-access-dominated Dijkstra algorithm has shown a high overhead of 200%.

Published

2015

8. ADVANCED APPROACH TO WEB SERVICE DISCOVERY AND SELECTION

Author

Pukhkaiev, Dmytro S., Oleksenko, Oleksii O., Kot, Tetiana M., Globa, Larysa S., and Schill, Alexander

Subjects

621.93

Abstract

Web Service Composition (WSC) is a process that helps to save much programming and cost effort by reusing existing components – web services. This process consists of two major stages – Web Service Discovery and Selection (WSD, WSS). This paper presents an overview of current state-of-the-art WSD and WSS methods. It also provides an analysis and highlighting of major problems like lack of support of the syntactical description in fuzzy logic algorithms in WSD and complex approach shortage in WSS problem. Moreover WSC approach and SLA-Aware WSC System are presented.

Published

2014

9. T-Lease

Author

Trach, Bohdan, Faqeh, Rasha, Oleksenko, Oleksii, Ozga, Wojciech, Bhatotia, Pramod, and Fetzer, Christof

10. SGXBOUNDS

Author

Kuvaiskii, Dmitrii, Oleksenko, Oleksii, Arnautov, Sergei, Trach, Bohdan, Bhatotia, Pramod, Felber, Pascal, and Fetzer, Christof