BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Miguel A. Arroyo

Miguel A. Arroyo contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and SecurityHardware Architecture

Trust snapshot

Quick read

Trust 13 - UnverifiedVerification L1Unclaimed author
2works
0followers
2topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

2 published item(s)

preprint2020arXiv

SPAM: Stateless Permutation of Application Memory

In this paper, we propose the Stateless Permutation of Application Memory (SPAM), a software defense that enables fine-grained data permutation for C programs. The key benefits include resilience against attacks that directly exploit software errors (i.e., spatial and temporal memory safety violations) in addition to attacks that exploit hardware vulnerabilities such as ColdBoot, RowHammer or hardware side-channels to disclose or corrupt memory using a single cohesive technique. Unlike prior work, SPAM is stateless by design making it automatically applicable to multi-threaded applications. We implement SPAM as an LLVM compiler pass with an extension to the compiler-rt runtime. We evaluate it on the C subset of the SPEC2017 benchmark suite and three real-world applications: the Nginx web server, the Duktape Javascript interpreter, and the WolfSSL cryptographic library. We further show SPAM's scalability by running a multi-threaded benchmark suite. SPAM has greater security coverage and comparable performance overheads to state-of-the-art software techniques for memory safety on contemporary x86_64 processors. Our security evaluation confirms SPAM's effectiveness in preventing intra/inter spatial/temporal memory violations by making the attacker success chances as low as 1/16!.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Using Name Confusion to Enhance Security

We introduce a novel concept, called Name Confusion, and demonstrate how it can be employed to thwart multiple classes of code-reuse attacks. By building upon Name Confusion, we derive Phantom Name System (PNS): a security protocol that provides multiple names (addresses) to program instructions. Unlike the conventional model of virtual memory with a one-to-one mapping between instructions and virtual memory addresses, PNS creates N mappings for the same instruction, and randomly switches between them at runtime. PNS achieves fast randomization, at the granularity of basic blocks, which mitigates a class of attacks known as (just-in-time) code-reuse. If an attacker uses a memory safety-related vulnerability to cause any of the instruction addresses to be different from the one chosen during a fetch, the exploited program will crash. We quantitatively evaluate how PNS mitigates real-world code-reuse attacks by reducing the success probability of typical exploits to approximately $10^{-12}$. We implement PNS and validate it by running SPEC CPU2017 benchmark suite. We further verify its practicality by adding it to a RISC-V core on an FPGA. Lastly, PNS is mainly designed for resource constrained (wimpy) devices and has negligible performance overhead, compared to commercially-available, state-of-the-art, hardware-based protections.

0 citations0 reviewsNo code linkedOpen access