Tapti Palit, PhD Thesis Defense, 'Selective Data Encryption: A Scalable Defense against Sensitive Data Leakage Attacks'

Monday, October 11, 2021 - 11:00am to 1:00pm
NCS 220
Event Description: 


Data leakage attacks have become a significant threat to modern

software.  Ranging from simple memory disclosure attacks such as

Heartbleed, to complex transient execution attacks such as Spectre,

these attacks jeopardize the confidentiality of sensitive application

data. In this work, we present our attempts to solve the challenges

involved in defending against both of these types of data leakage

attacks. First, we present Selective Data Encryption (SDE), a technique

that uses strong AES-based encryption to selectively protect in-memory

program data against both memory disclosure and transient data leakage

attacks. By ensuring that sensitive data such as passwords and private

keys are kept encrypted in DRAM memory and hardware caches, SDE

maintains the confidentiality of sensitive data.

Then, we address the challenge of automatically retrofitting existing

applications with SDE. We use static pointer analysis and value flow

analysis to identify a subset of memory operations that must be

transformed to protect the selected data. We applied SDE to medium-sized

applications, such as the popular web server Lighttpd, and the MbedTLS

SSL library. By protecting only a subset of memory operations, we show

that SDE incurs a reasonable performance overhead (13% for MbedTLS) even

when using expensive AES operations.

Finally, we focus on the dual challenges of precision and scalability of

existing pointer analysis algorithms, which present an obstacle in

applying SDE to larger codebases. To this end, we present two techniques

that combine dynamic analysis with static analysis to overcome these

challenges. Our techniques stem from the observation that while dynamic

analysis is not sound, it can be used to augment the static analysis

results to improve precision and scalability. Using these techniques, we

scale SDE to large codebases such as Nginx and OpenSSL with a maximum

overhead of 19%.

Computed Event Type: