Photo credit: news.mit.edu
Innovative Security Enhancement for Operating Systems: The Oreo Method
The digital realm faces relentless threats from hackers, much like a chef who guards a coveted recipe. Just as a chef might document a secret formula in a conspicuously worn journal, computer programs store their operational instructions in designated areas of physical memory. Address Space Layout Randomization (ASLR) is a conventional security strategy designed to obscure these essential instructions by dispersing them across different memory locations. Unfortunately, cybercriminals have adapted, using microarchitectural side-channel attacks that exploit hardware behaviour to pinpoint commonly accessed memory sections and then mount code-reuse attacks that can jeopardize security.
In a groundbreaking effort to reinforce ASLR, researchers from the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) have introduced a novel method known as “Oreo.” This approach cloaks memory access patterns, erasing the traces that would lead potential attackers to critical program instructions before those addresses are converted into physical addresses. By concealing the locations of code gadgets, the short instruction sequences that code-reuse attacks chain together, Oreo significantly boosts the security of operating systems, particularly Linux.
The Oreo method operates on three layers, reminiscent of its cookie namesake. It adds a “masked address space” that sits between the virtual address space, which programs use to reference their instructions, and the actual physical address space. This architectural tweak re-maps code from its randomized virtual addresses to static locations before it executes, making it harder for an attacker to work back to the program’s actual memory locations.
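To make the three-layer idea concrete, here is a toy model of the virtual, masked and physical address layers described above. This is an added example, not code from the Oreo paper or from MIT CSAIL, and every detail in it is a constructed simplification: 4 KiB pages, a fixed public base for the masked space, an ASLR region chosen so the model is deterministic, and an observer that is assumed to learn only the page-number bits of whatever address reaches the hardware (as a cache or TLB set index would). The point it shows is the one the paragraph makes: without the masked layer, each leaked index pins down the randomized load base; with it, the observer sees the same static index on every run and learns nothing about the secret offset.

```python
"""Toy model of the three address layers the article describes
(virtual -> masked -> physical).  Added example, not code from the Oreo
paper or MIT CSAIL.  Everything below is a constructed simplification."""
import random

PAGE_SHIFT = 12                          # 4 KiB pages (assumption)
PAGE_INDEX_BITS = 20                     # how many page-number bits leak (assumption)
PAGE_INDEX_MASK = (1 << PAGE_INDEX_BITS) - 1
ASLR_REGION = 0x7F00_0000_0000           # high bits shared by every randomized load (constructed)
MASKED_BASE = 0x0000_5555_0000_0000      # static, public base of the masked space (constructed)


def aslr_base(rng):
    """ASLR: pick a random page-aligned load base.  The page number is drawn
    from [1, 2**PAGE_INDEX_BITS) so it never coincides with the masked
    base's page bits; that keeps the model's outcome deterministic."""
    page = rng.randrange(1, 1 << PAGE_INDEX_BITS)
    return ASLR_REGION | (page << PAGE_SHIFT)


def masked_address(virtual, base):
    """The Oreo-style middle layer: strip the secret ASLR offset before
    address translation, so the same code reaches the hardware at the same
    static address no matter where it was loaded."""
    return MASKED_BASE + (virtual - base)


def observed_page_index(hw_address):
    """What a microarchitectural observer is assumed to learn: the
    page-number bits of the address the hardware actually handled."""
    return (hw_address >> PAGE_SHIFT) & PAGE_INDEX_MASK


def inferred_base_page(observed_index, gadget_offset):
    """Leakage-analysis step: given a gadget's known offset inside the
    binary, an observed page index points back at a load-base page number."""
    return (observed_index - (gadget_offset >> PAGE_SHIFT)) & PAGE_INDEX_MASK


def run_trials(trials, oreo, seed=1, gadget_offset=0x1234):
    """Load the same program `trials` times under fresh ASLR bases and count
    how often the leaked index identifies the true base.  With the masked
    layer the observer sees one static index for every load."""
    rng = random.Random(seed)
    seen = set()
    recovered = 0
    for _ in range(trials):
        base = aslr_base(rng)
        virtual = base + gadget_offset               # where the gadget really lives
        hw = masked_address(virtual, base) if oreo else virtual
        index = observed_page_index(hw)
        seen.add(index)
        true_base_page = (base >> PAGE_SHIFT) & PAGE_INDEX_MASK
        if inferred_base_page(index, gadget_offset) == true_base_page:
            recovered += 1
    return {"trials": trials, "distinct_indices": len(seen), "base_recovered": recovered}


if __name__ == "__main__":
    for oreo in (False, True):
        print("masked layer" if oreo else "plain ASLR  ", run_trials(50, oreo))
```

Running the script prints two summaries: under plain ASLR the observer recovers the base on every trial and sees a different index each time, while with the masked layer the index is identical across all loads and the recovered count is zero. The model deliberately leaves out page tables and the physical layer, because the article's claim is about what leaks before translation, not about the translation itself.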
Shixin Song, a PhD student at MIT and the lead author of a research paper detailing this work, likens the design to Oreo cookies—the “white filling” symbolizes the layer that obscures gadget locations from prying eyes. Senior author Mengjia Yan, an associate professor at MIT, emphasizes the potential of Oreo to fortify ASLR, noting that while it was originally implemented in operating systems like Windows and Linux, its efficacy has diminished due to various security flaws that have emerged over the past decade.
Yan explained, “Our aim is to restore the integrity of ASLR in contemporary systems, providing a defense against microarchitecture attacks. We have developed a software-hardware co-design mechanism that effectively prevents the leakage of secret memory offsets that indicate the whereabouts of code gadgets.”
The CSAIL team plans to unveil their findings in an upcoming presentation at the Network and Distributed System Security Symposium. In their research, they assessed Oreo’s protective capabilities on Linux by simulating hardware attacks using gem5, a widely used platform for computer architecture research. Results confirmed that Oreo successfully mitigated microarchitectural side-channel attacks without compromising the performance of the protected software.
According to Song, the research indicates that Oreo represents a lightweight enhancement to existing security measures. “Our method introduces only slight modifications to hardware, requiring minimal additional storage for metadata, while having a negligible impact on software performance,” she noted. The introduction of Oreo does not significantly delay application execution, making it an attractive security upgrade for ASLR implementations in page-table-based virtual memory systems used broadly across major platforms from Intel, AMD, and Arm.
Looking ahead, the team is contemplating addressing speculative execution attacks—techniques that exploit a computer’s predictive processing to extract hidden data, as demonstrated by the notorious Meltdown and Spectre vulnerabilities of 2018. They stress that Oreo should ideally be implemented alongside other security solutions to provide a comprehensive defense, particularly for extensive systems.
“We envision Oreo as a versatile software-hardware co-design platform applicable to a wider array of applications,” Yan remarked. “Beyond ASLR, we are also exploring new methodologies to protect critical cryptographic libraries that secure information during network communications and in cloud storage.”
The collaboration includes contributions from MIT EECS undergraduate researcher Joseph Zhang and has received backing from entities including Amazon, the U.S. Air Force Office of Scientific Research, and the Semiconductor Research Corporation’s ACE center, which is supported by the U.S. Defense Advanced Research Projects Agency (DARPA).
Source: news.mit.edu