Global ETD Search

1	The Color Line and Georgia History Textbooks: A Content Analysis Mitchell, Michele D 01 August 2013 (has links) The purpose of this research is to define racialized textbook bias, conduct a content analysis of Georgia history textbooks, and answer the following question: how is race framed in contemporary Georgia history textbooks? A content analysis of nine Georgia history textbooks was completed for grades two and eight. A Du Boisian theoretical framing of race prejudice as the macro-social condition of the micro-social process of race was an integral component of the content analysis. The findings revealed the existence of racialized textbook bias in the form of marginalization, compartmentalization, and omission suggesting the continuation of White supremacy and Black oppression in the process of education in Georgia public schools. Racialized Textbook Bias Omission Compartmentalization Marginalization
2	On Improving the Security of Virtualized Systems through Unikernelized Driver Domain and Virtual Machine Monitor Compartmentalization and Specialization Mehrab, A. K. M. Fazla 31 March 2023 (has links) Virtualization is the backbone of cloud infrastructures. Its core subsystems include hypervisors and virtual machine monitors (VMMs). They ensure the isolation and security of co-existent virtual machines (VMs) running on the same physical machine. Traditionally, driver domains -- isolated VMs in a hypervisor such as Xen that run device drivers -- use general-purpose full-featured OSs (e.g., Linux), which has a large attack surface, evident by the increasing number of their common vulnerabilities and exposures (CVEs). We argue for using the unikernel operating system (OS) model for driver domains. In this model, a single application is statically compiled together with the minimum necessary kernel code and libraries to produce a single address-space image, reducing code size by as much as one order of magnitude, which yields security benefits. We develop a driver domain OS, called Kite, using NetBSD OS's rumprun unikernel. Since rumprun is directly based on NetBSD's code, it allows us to leverage NetBSD's large collection of device drivers, including highly specialized ones such as Amazon ENA. Kite's design overcomes several significant challenges including Xen's limited para-virtualization (PV) I/O support in rumprun, lack of Xen backend drivers which prevents rumprun from being used as a driver domain OS, and NetBSD's lack of support for running driver domains in Xen. We instantiate Kite for the two most widely used I/O devices, storage and network, by designing and implementing the storage backend and network backend drivers. Our evaluations reveal that Kite achieves competitive performance to a Linux-based driver domain while using 10x fewer system calls, mitigates a set of CVEs, and retains all the benefits of unikernels including a reduced number of return-oriented programming (ROP) gadgets and advanced gadget-related metrics. General-purpose VMMs include a large number of components that may not be used in many VM configurations, resulting in a large attack surface. In addition, they lack intra-VMM isolation, which degrades security: vulnerabilities in one VMM component can be exploited to compromise other components or that of the host OS and other VMs (by privilege escalation). To mitigate these security challenges, we develop principles for VMM compartmentalization and specialization. We construct a prototype, called Redwood, embodying those principles. Redwood is built by extending Cloud Hypervisor and compartmentalizes thirteen critical components (i.e., virtual I/O devices) using Intel MPK, a hardware primitive available in Intel CPUs. Redwood has fifteen fine-grained modules, each representing a single feature, which increases its configurability and flexibility. Our evaluations reveal that Redwood is as performant as the baseline Cloud Hypervisor, has a 50% smaller VMM image size and 50% fewer ROP gadgets, and is resilient to an array of CVEs. I/O acceleration architectures, such as Data Plane Development Kit (DPDK) enhance VM performance by moving the data plane from the VMM to a separate userspace application. Since the VMM must share its VMs' sensitive information with accelerated applications, it can potentially degrade security. The dissertation's final contribution is the compartmentalization of a VM's sensitive data within an accelerated application using the Intel MPK hardware primitive. Our evaluations reveal that the technique does not cause any degradation in I/O performance and mitigates potential attacks and a class of CVEs. / Doctor of Philosophy / Instead of using software on a local device like a laptop or a mobile phone, consumers can access the same services from a remote high-end computer through high-speed Internet. This paradigm shift in computing is enabled by a remote computing infrastructure known as the "cloud,'' wherein networked server computers are deployed to execute third-party applications, often untrusted. Multiple applications are consolidated on the same server to save computer resources, but this can compromise security: a malicious application can steal co-existent applications' sensitive data. To enable resource consolidation and mitigate security attacks, applications are executed using a virtual machine (VM) -- an abstract machine that runs its own operating system (OS). Multiple VMs run on a single physical machine using two software systems: hypervisor and virtual machine monitor (VMM). They ensure that VMs are spatially isolated from each other, localizing security attacks. This dissertation focuses on enhancing the security of hypervisors and VMMs. The hypervisor and VMM have multiple responsibilities toward supporting the OS running on the physical computer and VMs. The OS runs software called device drivers, which communicate with input-output (I/O) hardware such as network and storage devices. Device drivers, usually written by third-party and I/O device manufacturers, are highly vulnerable to security attacks. To mitigate such attacks, device drivers are often run inside special VMs, called driver domains. State-of-the-art driver domains use a general-purpose full-featured OS such as Linux, which has a large code base (in the tens of millions of lines of code) and thus, a large attack surface. To address this security challenge, the dissertation proposes using lightweight, single-purpose VMs called unikernels, as driver domain OSs. Their code size is smaller than that of full-featured OSs by as much as one order of magnitude, which yields security benefits. We design and develop a unikernel-based driver domain, called Kite, for network and storage I/O devices. Kite uses NetBSD OS's rumprun unikernel for creating a driver domain OS. Using rumprun unikernel as a driver domain OS requires overcoming many technical challenges including a lack of support in a popular hypervisor such as Xen for performing I/O operations and communicating with rumprun, among others. Kite's design overcomes these challenges. Our empirical studies reveal that Kite is ten times less likely to be affected by future attacks and ten times faster to start than existing solutions for driver domains. At the same time, Kite domains match the performance of state-of-the-art driver domain OSs such as Linux. The hypervisor and VMM are responsible for creating VMs and providing resources such as memory, processing power, and hardware device access. Existing VMMs are designed to be versatile. Thus, they include a large number of components that may not be used in many VM configurations, resulting in a large attack surface. In addition, VMM components are not well spatially separated from each other. Thus, vulnerabilities in one component can be exploited to compromise other components. To address these security challenges, the dissertation proposes a set of principles for i) customizing a VMM for each VM's needs, instead of using one VMM for all VMs, and ii) strongly isolating VMM components from each other. We realize these principles in a prototype implementation called Redwood. Redwood is highly configurable and separates critical I/O components from each other using a hardware primitive. Our evaluations reveal that Redwood significantly reduces the VMM's size and VMM's vulnerabilities while maintaining performance. To enhance VM performance, I/O acceleration software is often used that eliminates communication overheads in the VMM. To do so, the VMM must share VMs' sensitive information with accelerated applications, which can potentially degrade security. The dissertation's final contribution is a technique that strongly isolates and limits access to sensitive information in the application using a hardware primitive. Our evaluations reveal that the technique improves security by localizing attacks without sacrificing performance. Operating Systems Unikernels Virtualization Hypervisors VMM Compartmentalization
3	The compartmentalization and biomarker analysis of the spivey-grabs-basil field, south-central Kansas Evans, Drew W. January 1900 (has links) Master of Science / Department of Geology / Matthew W. Totten / The Spivey-Grabs-Basil oil field is a highly developed field in south-central Kansas, having large variability in its production and in the Pineville Tripolite facies. The Pineville Tripolite is the primary producing formation of this field having major isopach variations, possibly influencing production. The hypothesis that the field is highly compartmentalized is from the varied production, isopach and structure of the field. This study investigated the Pineville Tripolite facies in the Spivey-Grabs-Basil Oil Field, with the Basil area the predominant focus, and its possible compartmentalization by looking at the gas chromatograms and their biomarker signatures. This field has had several studies investigating the geophysical attributes, depositional setting and large-scale compartmentalization. Post depositional sea-level changes and possibly syntectonics exposed the Reeds Spring to a sub-aerial environment where meteoric alteration created immense porosity and the Pineville Tripolite facies. Geochemical data shows evidence that this section of the field is sourced from both a marine shale and carbonate source at peak oil maturity, deposited in an anoxic environment. Biodegradation appears very slight, with most alterations transpiring in the alkane ranges only, leaving all other susceptible hydrocarbons unaltered. Compartments within the field are harder to identify when comparing geological data to oil data. Isopach data shows altered thickness of the Pineville Tripolite from well to well, as do Pineville structure values. The isopach and structural data point to possible areas for compartments, but it is from oil geochemical data that compartments become more visible. API gravities and GOR show motley values, but do indicate two significant areas of segregation. The deepest, most southern end of the study showed lighter gravity oils than the middle, suggesting possible fill and spill between the two. However, biomarker abundance indicates three possible compartments. The southern compartment has many more biomarker volumes than do the middle compartment, both divided by a reservoir pinch-out. The third most northeastern well has high biomarker abundance, but shows no geological separators from the other wells. Production from this field may be improved by investigating the biomarkers to allocate these compartments and possible barriers close to wells. Compartmentalization Biomarkers Geology Geochemistry Geochemistry (0996) Geology (0372)
4	Morphogenèse de compartiments membranaires : formation de l'autophagosome chez les plantes / Morphogenesis of membranar compartments : autophagosome formation in plants Le bars, Romain 18 December 2013 (has links) L'autophagie est un processus permettant la dégradation de constituants cytosoliques dans un compartiment lytique, par leur séquestration au sein d'une vésicule à double membrane : l'autophagosome. L'autophagie est, avec la voie ubiquitine-protéasome, l'une des deux grandes voies de dégradation présente de manière fortement conservée chez les cellules eucaryotes. Présente à un niveau basal, elle peut être stimulée afin de permettre la remobilisation de ressources cellulaires, ou d'assurer des fonctions cytoprotectrices et de détoxification. La formation d'autophagosomes traduit alors la capacité du système endomembranaire à s'adapter aux besoins cellulaires. Cependant, la mécanique membranaire et moléculaire de ce phénomène reste mal comprise. L'objectif de ce travail de thèse était de mieux comprendre la formation de ce compartiment dans la cellule végétale. Pour cela, nous avons tout d'abord mis au point les conditions propices à l'étude de l'autophagie dans la racine d’Arabidopsis thaliana, puis nous avons entrepris l'identification de marqueurs des étapes de formation de l'autophagosome. L'étude par imagerie en temps réel et 3D de la protéine ATG5, impliquée dans l’expansion membranaire, nous a permis de mettre en évidence son recrutement transitoire sur un domaine particulier de l'autophagosome en formation, son ouverture. De plus, l'étude de différents acteurs du système endomembranaire, nous a permis de mettre en évidence et de caractériser l'implication du réticulum endoplasmique et de ATG9, pour aboutir à un modèle de la formation de l'autophagosome chez les plantes. / Autophagy is a catabolic process targeting cytosolic compounds to the lytic compartment after sequestration within a double membrane bound vesicle: the autophagosome. Along with the ubiquitin-proteasome pathway, autophagy is one of the main catabolic processes conserved among eukaryotic cells. Present at a basal level, it can be stimulated to allow: remobilization of cell resources, cytoprotective functions, and detoxification. Autophagosome formation demonstrates the capacity of the endomembrane system to adapt dynamically to the cell's environment. However, the membrane and molecular processes involved are still poorly understood. This work aimed to advance understanding of autophagosome formation in plant cells. First of all, we set up suitable conditions for the study of autophagy in the Arabidopsis root, then we identified markers of the autophagosome formation steps. Live and 3D imaging of the ATG5 protein, involved in membrane expansion, demonstrated its transient recruitment to a specific domain of the forming autophagosome, its aperture. Furthermore, studying different actors of the endomembrane system has allowed us to implicate the endoplasmic reticulum and ATG9, and to establish a model for autophagosome formation in plants. Autophagosome Autophagie Compartimentation cellulaire Autophagosome Autophagy Cell compartmentalization
5	Characterizing The Role And Regulation Of Glycogen Metabolism In Dendritic Cell Immune Responses Thwe, Phyu Myat 01 January 2018 (has links) Dendritic cells (DCs) are the most potent professional antigen presenting cells (pAPCs) of the immune system and play a fundamental role in coordinating innate and adaptive immune responses. Through the expression of a wide array of pattern recognition receptors (PRRs), such as toll-like receptors (TLRs), DCs recognize a variety of microbial pathogens and infectious stimuli. Stimulation of DCs through TLR ligation results in a rapid series of activation-associated events, termed "maturation," which include the upregulation of surface co-stimulatory molecule expression, inflammatory cytokine secretion, and stimulation of naïve T cells via antigen presentation by MHC molecules. Activation of DCs through TLRs is coupled with an increased metabolic demand fulfilled by a rapid change in DC glucose metabolism and characterized by increased aerobic glycolysis rates. TLR-driven glycolytic reprogramming plays an essential role in generating building blocks required for high level protein synthesis associated with maturation. Although glucose imported from extracellular environments has been broadly considered as the major driver of glycolytic metabolism in immune cells, the contributions of intracellular glucose stores to these processes are not well-defined. The role of intracellular stores of glucose, in the form of glycogen, is widely appreciated in non-immune systems. However, very little is known about the implication of glycogen metabolism in DC immune responses. This work unveils the role and potential regulatory mechanisms of glycogen metabolism in support of DC effector function. The first part of this work primarily focuses on our characterization of the role of glycogen metabolism in early DC activation responses; while in the last chapter, we describe a potential regulatory mechanism of DC glycogen metabolism by activation-associated nitric oxide (NO) production. In this work, we tested the overarching hypothesis that DC-intrinsic glycogen metabolism supports the early glycolytic reprogramming required for effector responses and that nitric oxide can regulate this metabolism. We demonstrate that DCs possess the enzymes required for glycogen metabolic machinery and that glycogen metabolism supports DC immune effector response, particularly during early activation and in nutrient-limited environments. More importantly, we uncover a very intriguing metabolic phenomenon, in which DCs engage in the differential metabolic pathways driven by carbons derived distinctively from glycogen and free glucose. Our studies present the fundamental role and regulatory mechanisms of DC-intrinsic glycogen metabolism and underline the differential utilization of glycogen and glucose metabolism to support their effector responses. Overall, this work adds to a growing field of immuno-metabolism an improved understanding of an intricate layer of metabolic mechanisms that immune cells undertake in response to immune stimuli. Compartmentalization Dendritic cells Glycogen Glycogen shunt Metabolism Immunology and Infectious Disease
6	Compartmentalized phosphodiesterase 4D isoforms expression, targeting and localization in vascular myocytes Truong, Tammy 14 March 2014 (has links) During the development of atherosclerosis, contractile vascular smooth muscle cells (VSMCs) change to cells capable of migrating and proliferating to mediate repair, where the responses may be adaptive or mal-adaptive in effect. Cyclic adenosine monophosphate (cAMP)-elevating agents have been shown to inhibit migration of VSMC. cAMP activity within the cell is known to be ubiquitous and dynamic, requiring control through signal termination mechanisms for cellular homeostasis. Phosphodiesterase (PDE) enzymes are central to this critical regulatory process catalyzing the hydrolysis of cAMP. A great deal of insight into the role of PDEs in defining compartmentalization of cAMP signaling has arisen predominately from recent studies on the cAMP-specific PDE4 family. Compartmentalization of PDE4 is mediated by their unique N-terminal domains, which have been proposed to provide the “postcodes/zipcodes” for cellular localization. PDE4D isoforms vary widely, yet their conservation over evolutionary time suggests important non-redundant roles in distinct cellular processes. To study the potential role of individual PDE4D isoforms we seek to utilize the unique N-terminal targeting domains that are proposed to be responsible for their protein-protein interactions and site-directed localization. Herein, we report on the expression, targeting and localization of five “long” PDE4D isoforms and the impact on cell morphology of certain amino-terminal domains of individual PDE4D constructs expressing green fluorescent protein (NT-PDE4D/GFP) in human aortic smooth muscle cells (HASMCs). Through the development of engineered NT-PDE4D/GFP expression plasmids, we were able to study the cell biological impacts associated with the overexpression of individual PDE4D amino-terminal variants in HASMCs. We show that NT-PDE4D5/GFP and NT-PDE4D7/GFP expressing cells exhibited an elongated cell morphology, where this effect was much more marked in NT-PDE4D7/GFP expressing cells, exhibiting multiple leading edge structures and highly elongated “tails”. We identify a potential role for PDE4D7 targeting in the regulation of cell polarity and migration. Our results suggest the novel idea that PDE4D7, rather than the four other long PDE4D isoforms (PDE4D3, PDE4D5, PDE4D8, or PDE4D9), represents the dominant PDE4D variant involved in controlling cAMP-mediated effects on cell tail retraction dynamics. / Thesis (Master, Pathology & Molecular Medicine) -- Queen's University, 2014-03-13 13:00:31.684 / Video I: Time-lapse video of GFP-expressing cell migration in HASMC. GFP expressing cells did not differ in cell migration or morphology compared to non-injected control cells. HASMCs were microinjected with GFP construct. Representative images of micoinjected GFP cells were taken 24 h post-injection overnight at 30min intervals using a Zeiss Axiovert S100 microscope and processed as described in Materials & Methods. (10X) / Video II: Time-lapse video of NT-PDE4D7/GFP-expressing cell migration in HASMC. NT-PDE4D7/GFP expressing cells exhibit elongated tail and decrease in cell migration compared to non-injected control cells. HASMCs were microinjected with NT-PDE4D7/GFP construct. Particle tracking of NT-PDE4D7 cells showed cleaving and full detachment of elongated tail. Representative images of micoinjected NT-PDE4D7 cells were taken 24 h post-injection overnight at 30min intervals using a Zeiss Axiovert S100 microscope and processed as described in Materials & Methods. (10X) cell migration vascular smooth muscle cell cAMP compartmentalization phosphodiesterase 4D
7	Improving Desktop System Security Using Compartmentalization January 2018 (has links) abstract: Compartmentalizing access to content, be it websites accessed in a browser or documents and applications accessed outside the browser, is an established method for protecting information integrity [12, 19, 21, 60]. Compartmentalization solutions change the user experience, introduce performance overhead and provide varying degrees of security. Striking a balance between usability and security is not an easy task. If the usability aspects are neglected or sacrificed in favor of more security, the resulting solution would have a hard time being adopted by end-users. The usability is affected by factors including (1) the generality of the solution in supporting various applications, (2) the type of changes required, (3) the performance overhead introduced by the solution, and (4) how much the user experience is preserved. The security is affected by factors including (1) the attack surface of the compartmentalization mechanism, and (2) the security decisions offloaded to the user. This dissertation evaluates existing solutions based on the above factors and presents two novel compartmentalization solutions that are arguably more practical than their existing counterparts. The first solution, called FlexICon, is an attractive alternative in the design space of compartmentalization solutions on the desktop. FlexICon allows for the creation of a large number of containers with small memory footprint and low disk overhead. This is achieved by using lightweight virtualization based on Linux namespaces. FlexICon uses two mechanisms to reduce user mistakes: 1) a trusted file dialog for selecting files for opening and launching it in the appropriate containers, and 2) a secure URL redirection mechanism that detects the user’s intent and opens the URL in the proper container. FlexICon also provides a language to specify the access constraints that should be enforced by various containers. The second solution called Auto-FBI, deals with web-based attacks by creating multiple instances of the browser and providing mechanisms for switching between the browser instances. The prototype implementation for Firefox and Chrome uses system call interposition to control the browser’s network access. Auto-FBI can be ported to other platforms easily due to simple design and the ubiquity of system call interposition methods on all major desktop platforms. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2018 Computer science browser security compartmentalization network security software security virtualization
8	Relationship Between Fault Zone Architecture and Groundwater Compartmentalization in the East Tintic Mining District, Utah Hamaker, Sandra Myrtle Conrad 16 November 2005 (has links) (PDF) The Eureka Lilly fault zone provides an impermeable barrier for groundwater flow in the East Tintic mining district. The fault zone separates two distinct groundwaters that have different temperatures, compositions, and potentiometric surfaces. The damage zone of the fault is an extensive network of interconnected open fractures and fault intersections that provide conduits for groundwater flow in otherwise impermeable units. The fault core breccia has been re-cemented and mineralized, which eliminates porosity in the rock by creating a thick impermeable zone, which has compartmentalized groundwaters across the fault zone. The compartmentalization of groundwater shows that fault zone variability (from strain partitioning and multiple deformation episodes) make traditional basin flow concepts inaccurate and difficult to apply in this area. fault zone compartmentalization East Tintic Geology Hydrology groundwater fracture Geology
9	RESERVOIR ANALYSIS OF THE CLINTON INTERVAL IN STARK AND SUMMIT COUNTIES, OHIO Wytovich, Dominick Andrew 24 June 2010 (has links) No description available. Energy Geology Geophysics Clinton Isopach Isolith Stark Summit Reservoir Compartmentalization
10	Enhancing Software Security through Code Diversification Verification, Control-flow Restriction, and Automatic Compartmentalization Jang, Jae-Won 26 July 2024 (has links) In today's digital age, computer systems are prime targets for adversaries due to the vast amounts of sensitive information stored digitally. This ongoing cat-and-mouse game between programmers and adversaries forces security researchers to continually develop novel security measures. Widely adopted schemes like NX bits have safeguarded systems against traditional memory exploits such as buffer overflows, but new threats like code-reuse attacks quickly bypass these defenses. Code-reuse attacks exploit existing code sequences, known as gadgets, without injecting new malicious code, making them challenging to counter. Additionally, input-based vulnerabilities pose significant risks by exploiting external inputs to trigger malicious paths. Languages like C and C++ are often considered unsafe due to their tendency to cause issues like buffer overflows and use-after-free errors. Addressing these complex vulnerabilities requires extensive research and a holistic approach. This dissertation initially introduces a methodology for verifying the functional equivalence between an original binary and its diversified version. The Verification of Diversified Binary (VDB) algorithm is employed to determine whether the two binaries—the original and the diversified—maintain functional equivalence. Code diversification techniques modify the binary compilation process to produce functionally equivalent yet different binaries from the same source code. Most code diversification techniques focus on analyzing non-functional properties, such as whether the technique improves security. The objective of this contribution is to enable the use of untrusted diversification techniques in essential applications. Our evaluation demonstrates that the VDB algorithm can verify the functional equivalence of 85,315 functions within binaries from the GNU Coreutils 8.31 benchmark suite. Next, this dissertation proposes a binary-level tool that modifies binaries to protect against control-flow hijacking attacks. Traditional approaches to guard against ROP attacks either introduce significant overhead, require hardware support, or need intimate knowledge of the binary, such as source code. In contrast, this contribution does not rely on source code nor the latest hardware technology (e.g., Intel Control-flow Enforcement Technology). Instead, we show that we can precisely restrict control flow transfers from transferring to non-intended paths even without these features. To that end, this contribution proposes a novel control-flow integrity policy based on a deny list called Control-flow Restriction (CFR). CFR determines which control flow transfers are allowed in the binary without requiring source code. Our implementation and evaluation of CFR show that it achieves this goal with an average runtime performance overhead for commercial off-the-shelf (COTS) binaries in the range of 5.5% to 14.3%. In contrast, a state-of-the-art binary-level solution such as BinCFI has an average overhead of 61.5%. Additionally, this dissertation explores leveraging the latest hardware security primitives to compartmentalize sensitive data. Specifically, we use a tagged memory architecture introduced by ARM called the Memory Tagging Extension (MTE), which assigns a metadata tag to a memory location that is associated with pointers referencing that memory location. Although promising, ARM MTE suffers from predictable tag allocation on stack data, vulnerable plain-text metadata tags, and lack of fine-grained memory access control. Therefore, this contribution introduces Shroud to enhance data security through compartmentalization using MTE and protect MTE's tagged pointers' vulnerability through encryption. Evaluation of Shroud demonstrates its security effectiveness against non-control-data attacks like Heartbleed and Data-Oriented Programming, with performance evaluations showing an average overhead of 4.2% on lighttpd and 2% on UnixBench. Finally, the NPB benchmark measured Shroud's overhead, showing an average runtime overhead of 2.57%. The vulnerabilities highlighted by exploits like Heartbleed capitalize on external inputs, underscoring the need for enhanced input-driven security measures. Therefore, this dissertation describes a method to improve upon the limitations of traditional compartmentalization techniques. This contribution introduces an Input-Based Compartmentalization System (IBCS), a comprehensive toolchain that utilizes user input to identify data for memory protection automatically. Based on user inputs, IBCS employs hybrid taint analysis to generate sensitive code paths and further analyze each tainted data using novel assembly analyses to identify and enforce selective targets. Evaluations of IBCS demonstrate its security effectiveness through adversarial analysis and report an average overhead of 3% on Nginx. Finally, this dissertation concludes by revisiting the problem of implementing a classical technique known as Software Fault Isolation (SFI) on an x86-64 architecture. Prior works attempting to implement SFI on an x86-64 architecture have suffered from supporting a limited number of sandboxes, high context-switch overhead, and requiring extensive modifications to the toolchain, jeopardizing maintainability and introducing compatibility issues due to the need for specific hardware. This dissertation describes x86-based Fault Isolation (XFI), an efficient SFI scheme implemented on an x86-64 architecture with minimal modifications needed to the toolchain, while reducing complexity in enforcing SFI policies with low performance (22.48% average) and binary size overheads (2.65% average). XFI initializes the sandbox environment for the rewritten binary and, depending on the instructions, enforces data-access and control-flow policies to ensure safe execution. XFI provides the security benefits of a classical SFI scheme and offers additional protection against several classes of side-channel attacks, which can be further extended to enhance its protection capabilities. / Doctor of Philosophy / In today's digital age, cyber attackers frequently target computer systems due to the vast amounts of sensitive information they store. As a result, security researchers must constantly develop new protective measures. Traditional defenses like NX bits have been effective against memory exploits, but new threats like code-reuse attacks, which leverage existing code without introducing new malicious code, present new challenges. Additionally, vulnerabilities in languages like C and C++ further complicate security efforts. Addressing these issues requires extensive research and a comprehensive approach. This dissertation introduces several innovative techniques to enhance computer security. First, it presents a method to verify that a diversified program is functionally equivalent to its original version, ensuring that security modifications do not alter its intended functions. Next, it proposes a technique to prevent control-flow hijacking attacks without requiring source code or advanced hardware. Then, the dissertation explores leveraging advanced hardware, such as ARM's Memory Tagging Extension, to protect sensitive data, demonstrating robust security against attacks like Heartbleed. Recognizing that adversaries often use external inputs to exploit vulnerabilities, this dissertation introduces Input-Based Compartmentalization to automatically protect memory based on user input. Finally, an efficient implementation of a well-known security technique called Software Fault Isolation on x86-64 architecture ensures safe execution with low overhead. These advancements collectively enhance the robustness of computer systems against modern cyber threats. Formal Verification Control-hijacking Prevention Compartmentalization Memory Safety Security

Search results