New York, NY – June 22, 2021 – Because businesses and governments depend on computers and the internet to run everything from the electrical grid to health and water systems, IT security is extremely important to all of us. . It is increasingly violated: Numerous security hacks in the last month include the Colonial Pipeline security hole and the JBS Foods ransomware attacks where hackers took control of the organization’s computer systems and demanded payment for unlock it and return it to the owners. The White House urges businesses to take ransomware threats seriously and update their systems to protect themselves. Yet these attacks continue to threaten us all almost daily.
Columbia Engineering researchers who are leading experts in computer security recently presented two major papers that make computer systems more secure at the International Symposium on Computer Architecture (ISCA), the premier forum for new ideas and results. research in computer architecture. This new research, which has little or little effect on system performance, is already being used to create a processor for the Air Force Research Lab.
“Memory security has been an issue for almost 40 years and many solutions have been offered. We believe memory security continues to be an issue because it does not distribute the load fairly among software engineers. and end users, ”Simha said. Sethumadhavan, associate professor of computer science, whose research focuses on how computer architecture can be used to improve computer security. “With these two articles, we believe we have found the right balance of charges.”
Computer security has been a long standing issue, with many proposed systems usable in research contexts but not in real life situations. Sethumadhavan believes that the way to secure a system is to start with hardware first, and then, in turn, software. The urgency of his research is underscored by the fact that he benefits from major grants from the Office of Naval Research and the US Airforce, and that his doctoral students have received a Qualcomm innovation grant to create solutions for practical safety.
Sethumadhavan’s group noticed that most security issues occur in computer memory, especially pointers. Pointers are used to manage memory and can lead to memory corruption which can open the system to hackers who hijack the program. Current techniques for mitigating memory attacks consume a lot of power and can break software. These methods also dramatically affect a system’s performance: cell phone batteries drain quickly, applications run slowly, and computers crash.
The team set out to resolve these issues and created a security solution that protects memory without affecting a system’s performance. They call their new memory security solution, ZeRØ: Zero-Overhead Resilient Operation Under Pointer Integrity Attacks.
ZeRO presentation VIDEO – https: /
ZeRO has a set of memory instructions and a metadata encoding scheme that protects the code and data pointers of a system. This combination eliminates the performance overhead – it will not affect the speed of a system. ZeRO requires minor modifications to a system’s architecture and can easily be added to modern processors. It is especially important that, even in the event of an attack, ZeRO can perform all of these functions and avoid crashing a system.
“Zero offers memory security at no cost and is a perfect complement to systems that mitigate memory attacks,” said Mohamed Tarek, fourth year doctoral student and co-lead author of the studies. “The keys to the widespread adoption of security techniques are poor performance and convenience. “
The second document that the Sethumadhavan team will present, No-FAT: Architectural Support for Low Overhead Memory Safety Checks, is a system that speeds up safety checks with only a small – 8% – effect on computer performance that is 10 times faster than current software technique to detect memory errors. The name is an allusion to skimmed milk, which, as the ads say, “has all the goodness of milk with fewer calories.”
Presentation VIDEO without FAT – https: /
No-FAT speeds up fuzz testing, a type of automated software testing method, and it’s very easy for developers to add it when building a system. The technique builds on a recent trend in software towards binning memory splitters, which use compartments of different sizes to store memory until the software needs it. Researchers have found that when memory allocation by binning is used by software, it is possible to achieve memory security with little impact on performance and is compatible with existing software.
ZeRO and No-Fat both aim to harden memory systems to be more resistant to attack while having little or no effect on the speed or power consumption of a computer system. The bonus is that with both systems, programmers have to do little or nothing to harden their programs. These ideas could transform the way memory security features are currently supported in processors.
“No-FAT and ZeRO are two major steps in ending a long-standing problem,” said Miguel Arroyo PhD ’21, who was co-lead author of the papers. “Memory security attacks have cost the cyber community millions of dollars. We can now avoid this and protect everyone’s data – it’s a win-win! ”
About the studies
Both papers were presented at the International Symposium on Computing Architecture (ISCA) on June 16, 2021.
“No-FAT: Architectural support for low memory overhead security checks”
The authors are: Mohamed Tarek Ibn Ziad, Miguel A. Arroyo, Evgeny Manzhosov, Ryan Piersma and Simha Sethumadhavan Department of Computer Science Columbia Engineering
The study was supported by an Air Force contract FA8750-20-C-0210, an unrestricted gift from Bloomberg, and the Qualcomm Innovation Fellowship.
“ZeRØ: Resilient operation without overload under pointer integrity attacks”
The authors are: Mohamed Tarek Ibn Ziad, Miguel A. Arroyo, Evgeny Manzhosov and Simha Sethumadhavan Department of Computer Science, Columbia Engineering
The study was partially funded by FA8750-20-C-0210, a Qualcomm Innovation Fellowship, and a Bloomberg grant.
All opinions, findings, conclusions, and recommendations expressed herein are those of the authors and do not necessarily reflect the views of the United States government or business entities. Simha Sethumadhavan holds a significant financial interest in Chip Scan Inc.
LINKS: Paper: http: // www.
http: // engineering.
http: // www.
Columbia Engineering, based in New York City, is one of the best engineering schools in the United States and one of the oldest in the country. Also known as the Fu Foundation School of Engineering and Applied Science, the school expands knowledge and advances technology through the pioneering research of more than 220 faculty, while training undergraduate and graduate students in a collaborative environment to become leaders informed by engineering. The school’s faculty are at the center of the university’s interdisciplinary research, contributing to the Data Science Institute, the Earth Institute, the Zuckerman Mind Brain Behavior Institute, the Precision Medicine Initiative, and the Columbia Nano Initiative. Guided by its strategic vision, “Columbia Engineering for Humanity”, the school aims to translate ideas into innovations that promote a sustainable, healthy, secure, connected and creative humanity.