TZSlicer: Security-aware dynamic program slicing for hardware isolation

Mengmei Ye, Jonathan Sherman, Witawas Srisa-An, Sheng Wei

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

To address security issues related to information leakage, microprocessor designers and manufacturers such as ARM and Intel have introduced hardware isolation-based technologies to support secure software execution. However, utilizing such technologies often requires significant efforts to design new applications or refactor existing applications to adhere to the usage protocols. Developers also need to clearly distinguish code sections that can manipulate sensitive data and relocate them to the secure execution environment. These processes can be laborious and error-prone, since over-protection can result in poor application performance and high resource usage, and under-protection may cause exploitable security vulnerabilities. In this paper, we introduce TZSlicer, a framework to automatically identify code that must be protected based on a sensitive variable list provided by developers. TZSlicer automatically identifies code sections that can process sensitive data, extracts those sections from the original program, and creates harness in the original and extracted code sections so that they can interface with each other. We develop a prototype of TZSlicer to support slicing of C programs at function, code block, and code line levels. Also, we identify optimization opportunities to improve the context switching overhead of TZSlicer via applying loop unrolling and variable renaming. We evaluate TZSlicer using seven real-world programs, and the evaluation results indicate that TZSlicer is effective in protecting sensitive data without incurring significant runtime and resource usage overheads.

Original languageEnglish (US)
Title of host publicationProceedings of the 2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages17-24
Number of pages8
ISBN (Electronic)9781538647318
DOIs
StatePublished - Jun 12 2018
Externally publishedYes
Event2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018 - Washington, United States
Duration: Apr 30 2018May 4 2018

Publication series

NameProceedings of the 2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018

Other

Other2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018
CountryUnited States
CityWashington
Period4/30/185/4/18

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'TZSlicer: Security-aware dynamic program slicing for hardware isolation'. Together they form a unique fingerprint.

  • Cite this

    Ye, M., Sherman, J., Srisa-An, W., & Wei, S. (2018). TZSlicer: Security-aware dynamic program slicing for hardware isolation. In Proceedings of the 2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018 (pp. 17-24). (Proceedings of the 2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/HST.2018.8383886