Dear all,

    This is a kind reminder to  bare in mind the official dissemination and communication procedure, as stated in the CA:

During the Project and for a period of 1 year after the end of the Project, the dissemination of own Results by one or several Parties including but not restricted to publications and presentations, shall be governed by the procedure of Article 29.1 of the Grant Agreement subject to the following provisions.
Prior notice of any planned publication, including complete draft of the publication, shall be submitted to the Dissemination Committee at least 30 calendar days before the submission. Any objection to the planned publication shall be made in accordance with the Grant Agreement in writing to the Coordinator and to the Party or Parties proposing the dissemination within 14 calendar days after receipt of the notice. If no objection is made within the time limit stated above, the publication shall be deemed permitted.

    A lighter process is currently under evaluation.

Kind regards,

Nelson


On 11/06/19 17:41, Sergej Proskurin wrote:
Dear all,

Sorry for the delayed notification. We have submitted a paper with the
following title and abstract:

Title: "xMP: Selective Memory Protection for Kernel and User Space"

Abstract: Attackers leverage memory corruption vulnerabilities to
establish primitives for reading from or writing to the address space of
the vulnerable process. These primitives form the foundation for
code-reuse and data-oriented attacks. While various defenses against the
former class of attacks have proven effective, mitigation of the latter
remains an open problem. In this paper, we identify various shortcomings
of the x86 architecture regarding memory isolation, and leverage
virtualization to build an effective defense against data-oriented
attacks. We implement xMP, which consists of (in-guest) selective memory
protection primitives that equip VMs with the ability to isolate
sensitive data in user or kernel space into disjoint protection domains.
We interface the Xen altp2m subsystem with the Linux memory management
system, lending VMs the flexibility to define custom policies. Contrary
to conventional approaches, xMP takes advantage of virtualization
extensions, but after initialization, it does not require any hypervisor
intervention. To ensure the integrity of in-kernel management
information, and pointers to sensitive data within protection domains,
xMP protects pointers with HMACs bound to an immutable context, so that
integrity validation succeeds only in the right context. We have applied
xMP to fortify the page tables and process credentials of the Linux
kernel, as well as sensitive data in various user-space applications.
Overall, our evaluation shows that xMP introduces minimal overhead for
real-world workloads and applications, and offers effective protection
against data-oriented attacks.

Once this paper gets accepted, we will acknowledge SPARTA.

Best,

~Sergej