Privilege escalation attack through address space identifier corruption in untrusted modern processors

Mihalis Maniatakos

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Privilege escalation attacks are one of the major threats jeopardizing microprocessor operation. Such attacks aim to maliciously increase the privilege level of the executed process, in order to access unauthorized resources. Modern microprocessors include complex memory management modules, with various different privilege levels and numerous ways to change the privilege level. In this paper, we present a malicious modification in the microprocessor process switch mechanism. Contrary to recent work presented in literature, the modification can be deployed during manufacturing process, as it consists of a trivial addition of a gate or wire sizing. The minimal footprint, however, comes at the cost of small window of attack opportunities. Experimental results show that a modification-aware application can gain escalated privileges within a few thousand clock cycles. Moreover, the malicious code has been added to SPEC benchmarks, and we show that the modified benchmarks can get escalated privileges before the end of typical workload, with minimal performance overhead.

    Original languageEnglish (US)
    Title of host publicationProceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013
    Pages161-166
    Number of pages6
    DOIs
    StatePublished - Aug 12 2013
    Event2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013 - Abu Dhabi, United Arab Emirates
    Duration: Mar 26 2013Mar 28 2013

    Other

    Other2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013
    CountryUnited Arab Emirates
    CityAbu Dhabi
    Period3/26/133/28/13

    Fingerprint

    Microprocessor chips
    Clocks
    Switches
    Wire
    Data storage equipment

    ASJC Scopus subject areas

    • Control and Systems Engineering

    Cite this

    Maniatakos, M. (2013). Privilege escalation attack through address space identifier corruption in untrusted modern processors. In Proceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013 (pp. 161-166). [6527798] https://doi.org/10.1109/DTIS.2013.6527798

    Privilege escalation attack through address space identifier corruption in untrusted modern processors. / Maniatakos, Mihalis.

    Proceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013. 2013. p. 161-166 6527798.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Maniatakos, M 2013, Privilege escalation attack through address space identifier corruption in untrusted modern processors. in Proceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013., 6527798, pp. 161-166, 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013, Abu Dhabi, United Arab Emirates, 3/26/13. https://doi.org/10.1109/DTIS.2013.6527798
    Maniatakos M. Privilege escalation attack through address space identifier corruption in untrusted modern processors. In Proceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013. 2013. p. 161-166. 6527798 https://doi.org/10.1109/DTIS.2013.6527798
    Maniatakos, Mihalis. / Privilege escalation attack through address space identifier corruption in untrusted modern processors. Proceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013. 2013. pp. 161-166
    @inproceedings{d2c4310d01cf4aa7b8559a997dae5f25,
    title = "Privilege escalation attack through address space identifier corruption in untrusted modern processors",
    abstract = "Privilege escalation attacks are one of the major threats jeopardizing microprocessor operation. Such attacks aim to maliciously increase the privilege level of the executed process, in order to access unauthorized resources. Modern microprocessors include complex memory management modules, with various different privilege levels and numerous ways to change the privilege level. In this paper, we present a malicious modification in the microprocessor process switch mechanism. Contrary to recent work presented in literature, the modification can be deployed during manufacturing process, as it consists of a trivial addition of a gate or wire sizing. The minimal footprint, however, comes at the cost of small window of attack opportunities. Experimental results show that a modification-aware application can gain escalated privileges within a few thousand clock cycles. Moreover, the malicious code has been added to SPEC benchmarks, and we show that the modified benchmarks can get escalated privileges before the end of typical workload, with minimal performance overhead.",
    author = "Mihalis Maniatakos",
    year = "2013",
    month = "8",
    day = "12",
    doi = "10.1109/DTIS.2013.6527798",
    language = "English (US)",
    isbn = "9781467360388",
    pages = "161--166",
    booktitle = "Proceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013",

    }

    TY - GEN

    T1 - Privilege escalation attack through address space identifier corruption in untrusted modern processors

    AU - Maniatakos, Mihalis

    PY - 2013/8/12

    Y1 - 2013/8/12

    N2 - Privilege escalation attacks are one of the major threats jeopardizing microprocessor operation. Such attacks aim to maliciously increase the privilege level of the executed process, in order to access unauthorized resources. Modern microprocessors include complex memory management modules, with various different privilege levels and numerous ways to change the privilege level. In this paper, we present a malicious modification in the microprocessor process switch mechanism. Contrary to recent work presented in literature, the modification can be deployed during manufacturing process, as it consists of a trivial addition of a gate or wire sizing. The minimal footprint, however, comes at the cost of small window of attack opportunities. Experimental results show that a modification-aware application can gain escalated privileges within a few thousand clock cycles. Moreover, the malicious code has been added to SPEC benchmarks, and we show that the modified benchmarks can get escalated privileges before the end of typical workload, with minimal performance overhead.

    AB - Privilege escalation attacks are one of the major threats jeopardizing microprocessor operation. Such attacks aim to maliciously increase the privilege level of the executed process, in order to access unauthorized resources. Modern microprocessors include complex memory management modules, with various different privilege levels and numerous ways to change the privilege level. In this paper, we present a malicious modification in the microprocessor process switch mechanism. Contrary to recent work presented in literature, the modification can be deployed during manufacturing process, as it consists of a trivial addition of a gate or wire sizing. The minimal footprint, however, comes at the cost of small window of attack opportunities. Experimental results show that a modification-aware application can gain escalated privileges within a few thousand clock cycles. Moreover, the malicious code has been added to SPEC benchmarks, and we show that the modified benchmarks can get escalated privileges before the end of typical workload, with minimal performance overhead.

    UR - http://www.scopus.com/inward/record.url?scp=84881142279&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=84881142279&partnerID=8YFLogxK

    U2 - 10.1109/DTIS.2013.6527798

    DO - 10.1109/DTIS.2013.6527798

    M3 - Conference contribution

    SN - 9781467360388

    SP - 161

    EP - 166

    BT - Proceedings of the 2013 8th International Conference on Design and Technology of Integrated Systems in Nanoscale Era, DTIS 2013

    ER -