TY - GEN
T1 - Privilege escalation attack through address space identifier corruption in untrusted modern processors
AU - Maniatakos, Michail
N1 - Copyright:
Copyright 2013 Elsevier B.V., All rights reserved.
PY - 2013
Y1 - 2013
N2 - Privilege escalation attacks are one of the major threats jeopardizing microprocessor operation. Such attacks aim to maliciously increase the privilege level of the executed process, in order to access unauthorized resources. Modern microprocessors include complex memory management modules, with various different privilege levels and numerous ways to change the privilege level. In this paper, we present a malicious modification in the microprocessor process switch mechanism. Contrary to recent work presented in literature, the modification can be deployed during manufacturing process, as it consists of a trivial addition of a gate or wire sizing. The minimal footprint, however, comes at the cost of small window of attack opportunities. Experimental results show that a modification-aware application can gain escalated privileges within a few thousand clock cycles. Moreover, the malicious code has been added to SPEC benchmarks, and we show that the modified benchmarks can get escalated privileges before the end of typical workload, with minimal performance overhead.
AB - Privilege escalation attacks are one of the major threats jeopardizing microprocessor operation. Such attacks aim to maliciously increase the privilege level of the executed process, in order to access unauthorized resources. Modern microprocessors include complex memory management modules, with various different privilege levels and numerous ways to change the privilege level. In this paper, we present a malicious modification in the microprocessor process switch mechanism. Contrary to recent work presented in literature, the modification can be deployed during manufacturing process, as it consists of a trivial addition of a gate or wire sizing. The minimal footprint, however, comes at the cost of small window of attack opportunities. Experimental results show that a modification-aware application can gain escalated privileges within a few thousand clock cycles. Moreover, the malicious code has been added to SPEC benchmarks, and we show that the modified benchmarks can get escalated privileges before the end of typical workload, with minimal performance overhead.
UR - http://www.scopus.com/inward/record.url?scp=84881142279&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84881142279&partnerID=8YFLogxK
U2 - 10.1109/DTIS.2013.6527798
DO - 10.1109/DTIS.2013.6527798
M3 - Conference contribution
AN - SCOPUS:84881142279
SN - 9781467360388
T3 - Proceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013
SP - 161
EP - 166
BT - Proceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013
T2 - 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013
Y2 - 26 March 2013 through 28 March 2013
ER -