DATAEvictor: To Reduce the Leakage of Sensitive Data Targeting Multiple Memory Copies and Data Lifetimes

Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9473)

Abstract

In modern operating systems, the data of a process can remain in memory for an indeterminate time after the process terminates. Encryption alone is insufficient, because the keys may be extracted through compulsory means. In this paper, we present a novel OS-level approach called DATAEvictor, which thoroughly and promptly evicts sensitive data when a process terminates, not only from the user stack, heap and kernel stack, but also from the page cache, kernel buffers, slab objects and virtual memory swap. It aims to cut short the lifetime of sensitive data in memory as early as possible, so as to reduce the possibility of these data being leaked. DATAEvictor provides a “private mode” execution for any application according to user requirements, and requires only an appropriate code extension to the Linux kernel sources. The results of the performance evaluation show that the implementation of DATAEvictor results in only a reasonable system performance loss.
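The abstract's premise, that released memory keeps its contents until something overwrites them, can be shown at the user-heap level. The C program below is an added example, not code from the paper: a constructed static pool stands in for a process heap, a constructed secret is written into an allocation, and a residue scan counts how many copies survive a plain release versus a zeroing release (DATAEvictor performs the analogous eviction inside the kernel for the other regions the abstract lists).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed example: a tiny bump allocator over a static pool stands in
   for a process heap, so "freed" memory stays readable and can be inspected. */
#define POOL_SIZE 256
static uint8_t pool[POOL_SIZE];
static size_t pool_top;

/* Zero through a volatile function pointer so the compiler cannot treat the
   store as dead and drop it (the classic memset-before-free pitfall). */
static void *(*volatile zero_fn)(void *, int, size_t) = memset;

static void *pool_alloc(size_t n) {
    if (pool_top + n > POOL_SIZE) return NULL;
    void *p = pool + pool_top;
    pool_top += n;
    return p;
}

/* Plain release: the bytes are left in place, like an ordinary free(). */
static void pool_free_plain(void *p, size_t n) { (void)p; (void)n; }

/* Secure release: evict the contents before the slot becomes garbage. */
static void pool_free_secure(void *p, size_t n) { zero_fn(p, 0, n); }

/* Scan the whole pool for a byte pattern; returns the number of matches. */
int count_residue(const uint8_t *pat, size_t n) {
    int hits = 0;
    for (size_t i = 0; i + n <= POOL_SIZE; i++)
        if (memcmp(pool + i, pat, n) == 0) hits++;
    return hits;
}

static const uint8_t SECRET[] = "k3y-material-constructed";  /* constructed sample */

/* Run one allocate/use/release cycle with the given release routine and
   report how many copies of the secret the pool still holds afterwards. */
static int residue_after(void (*release)(void *, size_t)) {
    pool_top = 0; memset(pool, 0, POOL_SIZE);
    void *buf = pool_alloc(sizeof SECRET);
    if (!buf) return -1;                     /* pool exhausted */
    memcpy(buf, SECRET, sizeof SECRET);
    release(buf, sizeof SECRET);
    return count_residue(SECRET, sizeof SECRET);
}

int residue_after_plain_free(void)  { return residue_after(pool_free_plain); }
int residue_after_secure_free(void) { return residue_after(pool_free_secure); }
```

Compiled with optimisation, a plain `memset` before release may be removed as a dead store; the volatile function pointer is what keeps the eviction in the binary.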



Corresponding author

Correspondence to Bibo Tu.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Zhu, M., Tu, B., You, R., Li, Y., Meng, D. (2015). DATAEvictor: To Reduce the Leakage of Sensitive Data Targeting Multiple Memory Copies and Data Lifetimes. In: Yung, M., Zhu, L., Yang, Y. (eds) Trusted Systems. INTRUST 2014. Lecture Notes in Computer Science, vol 9473. Springer, Cham. https://doi.org/10.1007/978-3-319-27998-5_21

  • DOI: https://doi.org/10.1007/978-3-319-27998-5_21

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27997-8

  • Online ISBN: 978-3-319-27998-5

  • eBook Packages: Computer Science, Computer Science (R0)
