Hiding your wares: Transparently retrofitting memory confidentiality into legacy applications

Jamie Levy, Bilal Khan

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

1 Scopus citations

Abstract

Memory scanning is a common technique used by malicious programs to read and modify the memory of other programs. Guarding programs against such exploits requires memory encryption, which is presently achievable either by (i) re-writing software to make it encrypt sensitive memory contents, or (ii) employing hardware-based solutions. These approaches are complicated, costly, and present their own vulnerabilities. In this paper, we describe new secure software technology that enables users to transparently add memory encryption to their existing software, without requiring users to invest in costly encryption hardware or requiring programmers to undertake complicated software redesign/redeployment. The Memory Encryption and Transparent Aegis Library (METAL) functions as a shim library, allowing legacy applications to transparently enjoy an assurance of memory confidentiality and integrity. The proposed solution is tunable in terms of trade-offs between security and computational overhead. We describe the design of the library and evaluate its benefits and performance trade-offs.

Original language: English (US)
Title of host publication: 2007 IEEE International Conference on Communications, ICC'07
Pages: 1368-1372
Number of pages: 5
State: Published - Dec 1 2007
Event: 2007 IEEE International Conference on Communications, ICC'07 - Glasgow, Scotland, United Kingdom
Duration: Jun 24 2007 to Jun 28 2007

Publication series

Name: IEEE International Conference on Communications
ISSN (Print): 0536-1486

Conference

Conference: 2007 IEEE International Conference on Communications, ICC'07
Country: United Kingdom
City: Glasgow, Scotland
Period: 6/24/07 to 6/28/07

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering


    Levy, J., & Khan, B. (2007). Hiding your wares: Transparently retrofitting memory confidentiality into legacy applications. In 2007 IEEE International Conference on Communications, ICC'07 (pp. 1368-1372). [4288901] (IEEE International Conference on Communications). https://doi.org/10.1109/ICC.2007.230