Building Trusted Computer Systems via Unified Software Integrity Protection

The task of protecting software integrity can be approached with a two-part strategy that addresses threats to the static integrity of memory contents and the dynamic integrity of software memory interactions. Although their resultant effects are realized in fundamentally different ways, attacks on either memory contents manipulated by instructions or the operation of software are both damaging and facilitate further attack. The ability to alter the static memory state (programs, configuration data, etc.) of software opens an attack vector as broad as the capabilities of the attacker. Altering the operation of running programs (e.g. control flow) allows an attacker to divert the results (memory effects) of the target program from those which were intended by the program author. Neither static nor dynamic analyses of integrity are alone sufficient to completely describe the integrity of trusted system software. Further, there is a characteristic facilitation of vulnerabilities between the two classes of software integrity in that common security violations are decomposed as sequences of static and dynamic integrity violations which have enabling relationships. In order to capture and provide a unified software integrity, this work will analyze software integrity and detail techniques to enable protections to be applied by a coherent, systematic frame- work directly to the memory and memory interactions which exhibit software integrity rather than tailored to each member of an evolving set of particular threats.