Indirect Branch Validation Unit

Gyungho Lee; Yixin Shi; Hui Lin

doi:10.1016/j.micpro.2009.09.002

Indirect Branch Validation Unit

Gyungho Lee, Yixin Shi, Hui Lin

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

Abstract

This paper presents a micro-architectural enhancement, named Indirect Branch Validation Unit (IBVU), to prevent malicious attacks from compromising the control data of the program. The IBVU provides a run-time control flow protection by validating a dynamic instance of an indirect branch's address and its target address - indirect branch pair (IBP), which represents the program behavior. To validate an IBP at run-time with little performance and storage overhead, the IBVU employs a Bloom filter, a hashing based bit vector representation for querying a set membership. Two organizations trading off of the access delay and space in VLSI design are provided, and three commonly used hashing schemes are evaluated for the performance impact as well as the area overhead. Recognizing potential false positives from adopting the Bloom filter, consideration of reducing it per the Bloom filter's design parameters is discussed, while the difficulty of utilizing the false positives due to hashing based indexing of the Bloom filter for malicious attack is noted.

Original language	English
Pages (from-to)	461-468
Number of pages	8
Journal	Microprocessors and Microsystems
Volume	33
Issue number	7-8
DOIs	https://doi.org/10.1016/j.micpro.2009.09.002
Publication status	Published - 2009 Oct

Keywords

Branch prediction
Control data
Indirect branch
Software attack

ASJC Scopus subject areas

Software
Hardware and Architecture
Computer Networks and Communications
Artificial Intelligence

Access to Document

10.1016/j.micpro.2009.09.002

Cite this

@article{0cc4fca6a1574a60a9e5f6519e995871,

title = "Indirect Branch Validation Unit",

abstract = "This paper presents a micro-architectural enhancement, named Indirect Branch Validation Unit (IBVU), to prevent malicious attacks from compromising the control data of the program. The IBVU provides a run-time control flow protection by validating a dynamic instance of an indirect branch's address and its target address - indirect branch pair (IBP), which represents the program behavior. To validate an IBP at run-time with little performance and storage overhead, the IBVU employs a Bloom filter, a hashing based bit vector representation for querying a set membership. Two organizations trading off of the access delay and space in VLSI design are provided, and three commonly used hashing schemes are evaluated for the performance impact as well as the area overhead. Recognizing potential false positives from adopting the Bloom filter, consideration of reducing it per the Bloom filter's design parameters is discussed, while the difficulty of utilizing the false positives due to hashing based indexing of the Bloom filter for malicious attack is noted.",

keywords = "Branch prediction, Control data, Indirect branch, Software attack",

author = "Gyungho Lee and Yixin Shi and Hui Lin",

year = "2009",

month = oct,

doi = "10.1016/j.micpro.2009.09.002",

language = "English",

volume = "33",

pages = "461--468",

journal = "Microprocessors and Microsystems",

issn = "0141-9331",

publisher = "Elsevier B.V.",

number = "7-8",

}

TY - JOUR

T1 - Indirect Branch Validation Unit

AU - Lee, Gyungho

AU - Shi, Yixin

AU - Lin, Hui

PY - 2009/10

Y1 - 2009/10

N2 - This paper presents a micro-architectural enhancement, named Indirect Branch Validation Unit (IBVU), to prevent malicious attacks from compromising the control data of the program. The IBVU provides a run-time control flow protection by validating a dynamic instance of an indirect branch's address and its target address - indirect branch pair (IBP), which represents the program behavior. To validate an IBP at run-time with little performance and storage overhead, the IBVU employs a Bloom filter, a hashing based bit vector representation for querying a set membership. Two organizations trading off of the access delay and space in VLSI design are provided, and three commonly used hashing schemes are evaluated for the performance impact as well as the area overhead. Recognizing potential false positives from adopting the Bloom filter, consideration of reducing it per the Bloom filter's design parameters is discussed, while the difficulty of utilizing the false positives due to hashing based indexing of the Bloom filter for malicious attack is noted.

AB - This paper presents a micro-architectural enhancement, named Indirect Branch Validation Unit (IBVU), to prevent malicious attacks from compromising the control data of the program. The IBVU provides a run-time control flow protection by validating a dynamic instance of an indirect branch's address and its target address - indirect branch pair (IBP), which represents the program behavior. To validate an IBP at run-time with little performance and storage overhead, the IBVU employs a Bloom filter, a hashing based bit vector representation for querying a set membership. Two organizations trading off of the access delay and space in VLSI design are provided, and three commonly used hashing schemes are evaluated for the performance impact as well as the area overhead. Recognizing potential false positives from adopting the Bloom filter, consideration of reducing it per the Bloom filter's design parameters is discussed, while the difficulty of utilizing the false positives due to hashing based indexing of the Bloom filter for malicious attack is noted.

KW - Branch prediction

KW - Control data

KW - Indirect branch

KW - Software attack

UR - http://www.scopus.com/inward/record.url?scp=70350506103&partnerID=8YFLogxK

U2 - 10.1016/j.micpro.2009.09.002

DO - 10.1016/j.micpro.2009.09.002

M3 - Article

AN - SCOPUS:70350506103

SN - 0141-9331

VL - 33

SP - 461

EP - 468

JO - Microprocessors and Microsystems

JF - Microprocessors and Microsystems

IS - 7-8

ER -

Indirect Branch Validation Unit

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this