Revisiting Challenges for Selective Data Protection of Real Applications
Lin Ma, Jinyan Xu, Jiadong Sun, Yajin Zhou, Xun Xie, Wenbo Shen, Rui, Chang, Kui Ren
TL;DR
This paper examines technical challenges in applying selective data protection to real applications, proposing solutions, implementing a prototype, and demonstrating its efficiency and security through evaluation.
Contribution
It identifies neglected challenges in real-world selective data protection, offers solutions, and provides a practical prototype with performance evaluation.
Findings
Less than 3% runtime overhead with optimizations
Effective solutions to input channel, granularity, and sensitivity conflicts
Prototype demonstrates security guarantees and efficiency
Abstract
Selective data protection is a promising technique to defend against the data leakage attack. In this paper, we revisit technical challenges that were neglected when applying this protection to real applications. These challenges include the secure input channel, granularity conflict, and sensitivity conflict. We summarize the causes of them and propose corresponding solutions. Then we design and implement a prototype system for selective data protection and evaluate the overhead using the RISC-V Spike simulator. The evaluation demonstrates the efficiency (less than 3% runtime overhead with optimizations) and the security guarantees provided by our system.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Advanced Malware Detection Techniques · Cryptographic Implementations and Security