Because corporations and governments rely on computers and the internet to run everything from the electric grid, healthcare, and water systems, computer security is extremely important to all of us.
It is increasingly being breached: Numerous security hacks just this past month include the Colonial Pipeline security breach and the JBS Foods ransomware attacks where hackers took over the organization’s computer systems and demanded payment to unlock and release it back to the owners.
The White House is strongly urging companies to take ransomware threats seriously and update their systems to protect themselves. Yet these attacks continue to threaten all of us on an almost daily basis.
Columbia Engineering researchers who are leading experts in computer security recently presented two major papers that make computer systems more secure at the International Symposium on Computer Architecture (ISCA), the premier forum for new ideas and research results in computer architecture.
This new research, which has zero to little effect on system performance, is already being used to create a processor for the Air Force Research Lab.
“Memory safety has been a problem for nearly 40 years and numerous solutions have been proposed. We believe that memory safety continues to be a problem because it does not distribute the burden in a fair manner among software engineers and end-users,” said Simha Sethumadhavan, associate professor of computer science, whose research focuses on how computer architecture can be used to improve computer security.
“With these two papers, we believe we have found the right balance of burdens.”
Computer security has been a long-standing issue, with many proposed systems workable in research settings but not in real-world situations. Sethumadhavan believes that the way to secure a system is to first start with the hardware and then, in turn, the software.
The urgency of his research is underscored by the fact that he has significant grants from both the Office of Naval Research and the U.S. Airforce, and his PhD students have received a Qualcomm Innovation Fellowship to create practical security solutions.
Sethumadhavan’s group noticed that most security issues occur within a computer’s memory, specifically pointers. Pointers are used for managing memory and can lead to memory corruption that can open up the system to hackers who hijack the program.
Current techniques to mitigate memory attacks use up a lot of energy and can break software. These methods also greatly affect a system’s performance–cellphone batteries drain quickly, apps run slowly, and computers crash.
The team set out to address these issues and created a security solution that protects memory without affecting a system’s performance. They call their novel memory security solution, ZeRØ: Zero-Overhead Resilient Operation Under Pointer Integrity Attacks.
ZeRO features a set of memory instructions and a metadata encoding scheme that protects the code and data pointers of a system. This combination eliminates performance overhead – it will not affect the speed of a system.
ZeRO requires minor changes to a system’s architecture and it can easily be added to modern processors. Especially critical is that, even when under attack, ZeRO can perform all these functions and avoid crashing a system.
“Zero offers memory security at no cost and it is a perfect complement to systems that mitigate memory attacks,” said Mohamed Tarek, a fourth-year PhD student and co-lead author of the studies. “The keys to widespread adoption of security techniques are low-performance overhead and convenience.”
The second paper that Sethumadhavan’s team will present, No-FAT: Architectural Support for Low Overhead Memory Safety Checks, is a system that makes security checks faster with only a small – 8% – effect on the computer’s performance which is 10x faster than current software technique for detecting memory errors. The name is an allusion to no-fat milk, which, as the ads say, “has all the goodness of milk with fewer calories”.
No-FAT speeds up fuzz testing, a type of automated software testing method, and it is very easy for developers to add it when building a system. The technique builds on a recent trend in software towards binning memory allocators, which uses buckets of different sizes to store memory until it is needed by the software.
The researchers found that when binning memory allocation is used by the software, it is possible to achieve memory security with little impact on performance and is compatible with existing software.
Both ZeRO and No-Fat are targeted at beefing up memory systems to be more resilient against attacks while having little to no effect on a computer system’s speed or power consumption.
The bonus is that with both systems, programmers need to do little to nothing to harden their programs. These ideas could transform how memory safety features are currently supported in processors.
“No-FAT & ZeRO are two major steps toward putting an end to a long-standing problem,” said Miguel Arroyo PhD ’21, who was a co-lead author of the papers. “Memory safety attacks cost the cyber community millions of dollars. Now we can avoid that and keep everyone’s data safe–it’s a win-win!”
Related Posts
- 43Whenever you buy something on Amazon, your customer data is automatically updated and stored on thousands of virtual machines in the cloud. For businesses like Amazon, ensuring the safety and security of the data of its millions of customers is essential. This is true for large and small organizations alike.…
- 37Upcoming 5G wireless networks that will provide faster cell phone service may lead to inaccurate weather forecasts, according to a Rutgers study on a controversial issue that has created anxiety among meteorologists. "Our study – the first of its kind that quantifies the effect of 5G on weather prediction error – suggests…
- 33
- 32A high-energy shape memory polymer could someday enable robots to “flex their muscles”, according its developers. When stretched or deformed, shape memory polymers return to their original shapes after heat or light is applied. These materials show great promise for soft robotics, smart biomedical devices and deployable space structures, but…
- 30The Association of Universities for Research in Astronomy Astronomers have confirmed the solar system’s most distant known object. Appropriately named “Farfarout”, the object is not large enough to be categorized as a planet, but does orbit the sun, taking 798 Earth years to do so. With the help of the…