The Experts below are selected from a list of 42342 Experts worldwide ranked by ideXlab platform
Rajiv Gupta - One of the best experts on this subject based on the ideXlab platform.
-
runtime monitoring on multicores via oases
Operating Systems Review, 2009Co-Authors: Vijay Nagarajan, Rajiv GuptaAbstract:Runtime monitoring support serves as a foundation for the important tasks of providing security, performing debugging, and improving performance of applications. Often runtime monitoring requires the maintenance of information associated with each of the application's original Memory Location, which is held in corresponding shadow Memory Locations. Unfortunately, existing robust shadow Memory implementations are inefficient. In this paper, we present OASES: OS and Architectural Support for Efficient Shadow Memory implementation for multicores that is also robust. A combination of operating system support (in the form of coupled alLocation of Memory pages used by the application and associated shadow Memory pages) and architectural support (in the form of ISA support and exposed cache events) is proposed. Our page alLocation policy enables fast translation of original addresses into corresponding shadow Memory addresses; thus allowing implicit addressing of shadow Memory. By exposing the cache events to the software, we ensure in software that the shadow Memory instructions execute atomically with their corresponding original Memory instructions. Our experiments show that the overheads of runtime monitoring tasks are significantly reduced in comparison to previous software implementations.
-
PADTAD - Support for symmetric shadow Memory in multiprocessors
2008Co-Authors: Vijay Nagarajan, Rajiv GuptaAbstract:Runtime monitoring support serves as a foundation for the important tasks of providing security [15, 14, 2], performing debugging [13, 11, 8], and improving performance of applications [1]. Runtime monitoring, typically, requires the maintenance of meta data associated with each of the application's original Memory Location, which are held in corresponding shadow Memory Locations. Each original Memory instruction (OMI) is then accompanied by additional shadow Memory instructions (SMIs) that manipulate the meta data associated with the Memory Location. Often the SMIs associated with OMIs are symmetric, in that, original stores (loads) are accompanied by shadow stores (loads). Unfortunately, existing shadow Memory implementations need thread serialization to ensure that OMIs and SMIs are executed atomically [12]. Naturally this is not an efficient approach, especially in the now ubiquitous multiprocessors. In this paper, we present an efficient shadow Memory implementation that handles symmetric shadow instructions. By coupling the coherency of shadow Memory with the coherency of the main Memory, we ensure that the SMIs execute atomically with their corresponding OMIs. We also couple the alLocation of application Memory pages with its associated shadow pages, for enabling fast translation of original addresses into corresponding shadow Memory addresses. Our experiments show that the overheads of run-time monitoring tasks are significantly reduced in comparison to previous software implementations.
-
ICSM - Identifying the root causes of Memory bugs using corrupted Memory Location suppression
2008 IEEE International Conference on Software Maintenance, 2008Co-Authors: Dennis Jeffrey, N. Gupta, Rajiv GuptaAbstract:We present a general approach for automatically isolating the root causes of Memory-related bugs in software. Our approach is based on the observation that most Memory bugs involve uses of corrupted Memory Locations. By iteratively suppressing (nullifying) the effects of these corrupted Memory Locations during program execution, our approach gradually isolates the root cause of a Memory bug. Our approach can work for common Memory bugs such as buffer overflows, uninitialized reads, and double frees. However, our approach is particularly effective in finding root causes for Memory bugs in which Memory corruption propagates during execution until an observable failure such as a program crash occurs.
Charles E. Leiserson - One of the best experts on this subject based on the ideXlab platform.
-
A simple deterministic algorithm for guaranteeing the forward progress of transactions
Information Systems, 2016Co-Authors: Charles E. LeisersonAbstract:This paper describes a remarkably simple deterministic (not probabilistic) contention-management algorithm for guaranteeing the forward progress of transactions - avoiding deadlocks, livelocks, and other anomalies. The transactions must be finite (no infinite loops), but on each restart, a transaction may access different shared-Memory Locations. The algorithm supports irrevocable transactions as long as the transaction satisfies a simple ordering constraint. In particular, a transaction that accesses only one shared-Memory Location is never aborted. The algorithm is suitable for both hardware and software transactional-Memory systems. It also can be used in some contexts as a locking protocol for implementing transactions "by hand." HighlightsA remarkably simple algorithm can guarantee the forward progress of transactions.The algorithm supports irrevocable transactions.The algorithm is suitable for hardware or software transactional-Memory systems.The algorithm can be used as a locking protocol.
Patricia Mary Hearons - One of the best experts on this subject based on the ideXlab platform.
-
CogSci - Storing objects in visual short-term Memory: Location is key
Cognitive Science, 2011Co-Authors: Shriradha Sengupta, Paul Verhaeghen, Patricia Mary HearonsAbstract:Storing objects in visual short-term Memory: Location is key Shriradha Sengupta Georgia Institute of Technology Paul Michel Bernard Verhaeghen Georgia Institute of Technology Patricia Mary Hearons Georgia Institute of Technology Abstract: There are two views that describe the capacity of visual short-term Memory (VSTM): one that posits that capacity has a strict upper limit, and the other that states that capacity has no fixed upper limit. Here we attempt to reconcile these views by measuring capacity of VSTM in two experiments where the number of objects (cubes) and the number of features (colors) in an object were varied independently. In the first experiment, we used a single probe at the center of the screen, and found that the total number of features determined accuracy. In the second, we used a whole-display match-to-sample paradigm, and observed that the total number of objects determined accuracy. These findings suggest that VSTM uses a spatially located binding mechanism whose benefit is lost when the probe and target Locations differ. We are currently running new experiments to test this hypothesis more stringently.
Stefan Mangard - One of the best experts on this subject based on the ideXlab platform.
-
DIMVA - Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript
Detection of Intrusions and Malware and Vulnerability Assessment, 2016Co-Authors: D. Gruß, Clémentine Maurice, Stefan MangardAbstract:A fundamental assumption in software security is that a Memory Location can only be modified by processes that may write to this Memory Location. However, a recent study has shown that parasitic effects in DRAM can change the content of a Memory cell without accessing it, but by accessing other Memory Locations in a high frequency. This so-called Rowhammer bug occurs in most of today's Memory modules and has fatal consequences for the security of all affected systems, e.g., privilege escalation attacks. All studies and attacks related to Rowhammer so far rely on the availability of a cache flush instruction in order to cause accesses to DRAM modules at a sufficiently high frequency. We overcome this limitation by defeating complex cache replacement policies. We show that caches can be forced into fast cache eviction to trigger the Rowhammer bug with only regular Memory accesses. This allows to trigger the Rowhammer bug in highly restricted and even scripting environments. We demonstrate a fully automated attack that requires nothing but a website with JavaScript to trigger faults on remote hardware. Thereby we can gain unrestricted access to systems of website visitors. We show that the attack works on off-the-shelf systems. Existing countermeasures fail to protect against this new Rowhammer attack.
-
rowhammer js a remote software induced fault attack in javascript
arXiv: Cryptography and Security, 2015Co-Authors: D. Gruß, Clémentine Maurice, Stefan MangardAbstract:A fundamental assumption in software security is that a Memory Location can only be modified by processes that may write to this Memory Location. However, a recent study has shown that parasitic effects in DRAM can change the content of a Memory cell without accessing it, but by accessing other Memory Locations in a high frequency. This so-called Rowhammer bug occurs in most of today's Memory modules and has fatal consequences for the security of all affected systems, e.g., privilege escalation attacks. All studies and attacks related to Rowhammer so far rely on the availability of a cache flush instruction in order to cause accesses to DRAM modules at a sufficiently high frequency. We overcome this limitation by defeating complex cache replacement policies. We show that caches can be forced into fast cache eviction to trigger the Rowhammer bug with only regular Memory accesses. This allows to trigger the Rowhammer bug in highly restricted and even scripting environments. We demonstrate a fully automated attack that requires nothing but a website with JavaScript to trigger faults on remote hardware. Thereby we can gain unrestricted access to systems of website visitors. We show that the attack works on off-the-shelf systems. Existing countermeasures fail to protect against this new Rowhammer attack.
R.m. Muir - One of the best experts on this subject based on the ideXlab platform.
-
Memory system reliability improvement through associative cache redundancy
IEEE Journal of Solid-state Circuits, 1991Co-Authors: M.a. Lucente, C.h. Harris, R.m. MuirAbstract:The development of a VLSI device that provides Memory system self-testing and redundancy without incurring the overhead penalties of error-correction coding or page-swapping techniques is described. This device isolates hard errors in system Memory by writing a true and complement pattern to each system Memory Location. Locations from an on-chip fully associative cache are then mapped into the address space in place of faulty Locations. Since substitutions take place at the Memory word level, this method is more efficient than page swapping. Access to the onchip cache occurs in parallel with access to system Memory, so Memory access time is not increased, as it is with error detection and correction (EDAC). Analysis shows that this device can extend the mission time of a nonredundant Memory system by as much as 35 times. >
