Najwa Aaraj

Princeton University, Princeton, New Jersey, United States

Are you Najwa Aaraj?

Claim your profile

Publications (9)1.22 Total impact

  • [Show abstract] [Hide abstract]
    ABSTRACT: The incidence of malicious code and software vulnerability exploits on embedded platforms is constantly on the rise. Yet, little effort is being devoted to combating such threats to embedded systems. Moreover, adapting security approaches designed for general-purpose systems generally fails because of the limited processing capabilities of their embedded counterparts. In this work, we evaluate a malware and software vulnerability exploit defense framework for embedded systems. The proposed framework extends our prior work, which defines two isolated execution environments: a testing environment, wherein an untrusted application is first tested using dynamic binary instrumentation (DBI), and a real environment, wherein a program is monitored at runtime using an extracted behavioral model, along with a continuous learning process. We present a suite of software and hardware optimizations to reduce the overheads induced by the defense framework on embedded systems. Software optimizations include the usage of static analysis, complemented with DBI in the testing environment (i.e., a hybrid software analysis approach is used). Hardware optimizations exploit parallel processing capabilities of multiprocessor systems-on-chip. We have evaluated the defense framework and proposed optimizations on the ARM-Linux operating system. Experiments demonstrate that our framework achieves a high coverage of considered security threats, with acceptable performance penalties (the average execution time of applications goes up to 1.68X, considering all optimizations, which is much smaller than the 2.72X performance penalty when no optimizations are used).
    ACM Trans. Embedded Comput. Syst. 01/2011; 10:33.
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Many information security attacks exploit vulnerabilities in "trusted" and privileged software executing on the system, such as the operating system (OS). On the other hand, most security mech-anisms provide no immunity to security-critical user applications if vulnerabilities are present in the underlying OS. While technologies have been proposed that facilitate isolation of security-critical soft-ware, they require either significant computational resources and are hence not applicable to many resource-constrained systems, or necessitate extensive re-design of the underlying processors and hardware. In this work, we propose INVISIOS – a lightweight, minimally intrusive hardware-software architecture to make the execution of security-critical software invisible to the OS, and hence protected from its vulnerabilities. The INVISIOS software architecture encap-sulates the security-critical software into a self-contained software module, called the secure core. While the secure core is part of the kernel and is run with kernel-level privileges, its code, data, and execution are transparent to and protected from the rest of the ker-nel. The INVISIOS hardware architecture consists of simple add-on hardware components that are responsible for bootstrapping the se-cure core, ensuring that it is exercised by applications in only per-mitted ways, and enforcing the isolation of its code and data from the rest of the system. We implemented INVISIOS by enhancing the QEMU full-system emulator and Linux to model the proposed soft-ware and hardware enhancements, and applied it to protect a com-mercial cryptograhpic library. Our experiments demonstrate that INVISIOS is capable of facilitating secure execution at very small overheads, making it suitable for resource-constrained embedded systems and systems-on-chip.
    01/2010;
  • [Show abstract] [Hide abstract]
    ABSTRACT: Trusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate Trusted Platform Module (TPM) chip are not acceptable. One alternative is to use a software-based TPM, which implements TPM functions using software that executes in a protected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable. In this article, we perform an evaluation of the energy and execution time overheads for a SW-TPM implementation on a handheld appliance (Sharp Zaurus PDA). We characterize the execution time and energy required by each TPM command through actual measurements on the target platform. We observe that for most commands, overheads are primarily due to the use of 2,048-bit RSA operations that are performed within the SW-TPM. In order to alleviate SW-TPM overheads, we evaluate the use of Elliptic Curve Cryptography (ECC) as a replacement for the RSA algorithm specified in the Trusted Computing Group (TCG) standards. In addition, we also evaluate the overheads of using the SW-TPM in the context of various end applications, including trusted boot of the Linux operating system (OS), a secure VoIP client, and a secure Web browser. Furthermore, we analyze the computational workload involved in running SW-TPM commands using ECC. We then present a suite of hardware and software enhancements to accelerate these commands—generic custom instructions and exploitation of parallel processing capabilities in multiprocessor systems-on-chip (SoCs). We report results of evaluating the proposed architectures on a commercial embedded processor (Xtensa from Tensilica). Through uniprocessor and multiprocessor optimizations, we could achieve speed-ups of up to 5.71X for individual TPM commands.
    ACM Trans. Embedded Comput. Syst. 01/2008; 8.
  • [Show abstract] [Hide abstract]
    ABSTRACT: Malware is at the root of a large number of information security breaches. Despite widespread effort devoted to combating malware, current techniques have proven to be insufficient in stemming the incessant growth in malware attacks. In this paper, we describe a tool that exploits a combination of virtualized (isolated) execution environments and dynamic binary instrumentation (DBI) to detect malicious software and prevent its execution. We define two isolated environments: (i) a Testing environment, wherein an untrusted program is traced during execution using DBI and subjected to rigorous checks against extensive security policies that express behavioral patterns of malicious software, and (ii) a Real environment, wherein a program is subjected to run-time monitoring using a behavioral model (in place of the security policies), along with a continuous learning process, in order to prevent non-permissible behavior. We have evaluated the proposed methodology on both Linux and Windows XP operating systems, using several virus benchmarks as well as obfuscated versions thereof. Experiments demonstrate that our approach achieves almost complete coverage for original and obfuscated viruses. Average execution times go up to 28.57X and 1.23X in the Testing and Real environments, respectively. The high overhead imposed in the Testing environment does not create a severe impediment since it occurs only once and is transparent to the user. Users are only affected by the overhead imposed in the Real environment. We believe that our approach has the potential to improve on the state-of-the-art in malware detection, offering improved accuracy with low performance penalty.
    01/2008;
  • [Show abstract] [Hide abstract]
    ABSTRACT: In this paper, we propose an efficient and secure embedded processing architecture that addresses various challenges involved in using face-based biometrics for authenticating a user to an embedded system. Our paper considers the use of robust face verifiers (PCA-LDA, Bayesian), and analyzes the computational workload involved in running their software implementations on an embedded processor. We then present a suite of hardware and software enhancements to accelerate these algorithms-fixed-point arithmetic, various code optimizations, generic custom instructions and dedicated coprocessors, and exploitation of parallel processing capabilities in multiprocessor systems-on-chip (SoCs). We also identify attacks targeted against the authentication process, and develop security measures to ensure the integrity of biometric code/data. We evaluated the proposed architectures in the context of popular open-source software implementations of face authentication algorithms running on a commercial embedded processor (Xtensa from Tensilica). Our paper shows that fast, in-system verification is possible even in the context of many resource-constrained embedded systems. We also demonstrate that the security of the authentication process for the given attack model can be achieved with minimum hardware overheads
    IEEE Transactions on Very Large Scale Integration (VLSI) Systems 04/2007; · 1.22 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: Trusted platforms have been proposed as a promising approach to en- hance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost over- heads of a separate Trusted Platform Module (TPM) chip are not ac- ceptable. One alternative is to use a software-based TPM (SW-TPM), which implements TPM functions using software that executes in a pro- tected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable. In this work, we perform an evaluation of the energy and execution time overheads for a SW-TPM implementation on a Sharp Zaurus PDA. We characterize the execution time and energy required by each TPM command through actual measurements on the target platform. In addi- tion, we also evaluate the overheads of using SW-TPM in the context of various end applications, including trusted boot of the Linux oper- ating system (OS), secure file storage, secure VoIP client, and secure web browser. Furthermore, we observe that for most TPM commands, the overheads are primarily due to the use of 2048-bit RSA operations that are performed within SW-TPM. In order to alleviate SW-TPM over- heads, we evaluate the use of Elliptic Curve Cryptography (ECC) as a replacement for the RSA algorithm specified in the Trusted Computing Group (TCG) standards. Our experiments indicate that this optimiza- tion can significantly reduce SW-TPM overheads (an average of 6.51X execution time reduction and 6.75X energy consumption reduction for individual TPM commands, and an average of 10.25X execution time reduction and 10.75X energy consumption reduction for applications). Our work demonstrates that ECC-based SW-TPMs are a viable approach to realizing the benefits of trusted computing in resource-constrained embedded systems.
    2007 Design, Automation and Test in Europe Conference and Exposition (DATE 2007), April 16-20, 2007, Nice, France; 01/2007
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Biometrics represent a promising approach for reliable and secure user authentication. However, they have not yet been widely adopted in embedded systems, particularly in resource-constrained devices such as cell phones and personal digital assistants (PDAs). In this paper, we investigate the challenges involved in using face-based biometrics for authenticating a user to an embedded system. To enable high authentication accuracy, we consider robust face verifiers based on principal component analysis/linear discriminant analysis (PCA-LDA) algorithms and Bayesian classifiers, and their combined use (multi-modal biometrics). Since embedded systems are severely constrained in their processing capabilities, algorithms that provide sufficient accuracy tend to be computationally expensive, leading to unacceptable authentication times. On the other hand, achieving acceptable performance often comes at the cost of degradation in the quality of results.Our work aims at developing embedded processing architectures that improve face verification speed with minimal hardware requirements, and without any compromise in verification accuracy. We analyze the computational characteristics of face verifiers when running on an embedded processor, and systematically identify opportunities for accelerating their execution. We then present a range of targeted hardware and software enhancements that include the use of fixed-point arithmetic, various code optimizations, application-specific custom instructions and co-processors, and parallel processing capabilities in multi-processor systems-on-chip (SoCs).We evaluated the proposed architectures in the context of open-source face verification algorithms running on a commercial embedded processor (Xtensa from Tensilica). Our work shows that fast, in-system verification is possible even in the context of many resource-constrained embedded systems. We also demonstrate that high authentication accuracy can be achieved with minimum hardware overheads, while requiring no modifications to the core face verification algorithms.
    Proceedings of the Conference on Design, Automation and Test in Europe: Designers' Forum, DATE 2006, Munich, Germany, March 6-10, 2006; 01/2006
  • [Show abstract] [Hide abstract]
    ABSTRACT: Biometrics represents a promising approach for reliable and secure user authentication. However, they have not yet been widely adopted in embedded systems, particularly in resource-constrained devices such as cell phones and personal digital assistants (PDAs). In this paper, we investigate the challenges involved in using face-based biometrics for authenticating a user to an embedded system. To enable high authentication accuracy, we consider robust face verifiers based on principal component analysis/linear discriminant analysis (PCA-LDA) algorithms and Bayesian classifiers, and their combined use (multi-modal biometrics). Since embedded systems are severely constrained in their processing capabilities, algorithms that provide sufficient accuracy tend to be computationally expensive, leading to unacceptable authentication times. On the other hand, achieving acceptable performance often comes at the cost of degradation in the quality of results. Our work aims at developing embedded processing architectures that improve face verification speed with minimal hardware requirements and without any compromise in verification accuracy. We analyze the computational characteristics of face verifiers when running on an embedded processor, and systematically identify opportunities for accelerating their execution. We then present a range of targeted hardware and software enhancements that include the use of fixed-point arithmetic, various code optimizations, application-specific custom instructions and co-processors, and parallel processing capabilities in multi-processor systems-on-chip (SoCs). We evaluated the proposed architectures in the context of open-source face verification algorithms running on a commercial embedded processor (Xtensa from Tensilica). Our work shows that fast, in-system verification is possible even in the context of many resource-constrained embedded systems. We also demonstrate that high authentication accuracy can be achieved with minimum hardware overheads, while requiring no modifications to the core face verification algorithms.
    2008 Design, Automation and Test in Europe. 01/2006; 2:4.
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Virtualization is a useful technology for addressing security concerns since it allows for the creation of isolated software execution environ-ments, e.g., for separation of the sensitive parts of a system from the complex, untrusted parts. In this paper, we describe a tool for dynami-cally detecting and preventing software vulnerabilities that exploits the availability of virtualized (isolated) execution environments. A program that is not itself malicious, but could have vulnerabilities, is first safely executed within a virtualized Testing environment, wherein its execution is traced using dynamic binary instrumentation and checked against ex-tensive security policies that express the behavioral patterns associated with various vulnerability exploits. The program's execution trace is rep-resented using a hybrid model that consists of regular expressions along with data invariants in order to capture both control and data flow. The execution trace and security policies are then used to construct an ab-stract behavioral model of the program's exercised execution paths. The program and its behavioral model are then migrated to a Real execution environment, wherein the behavioral model is used for efficient run-time monitoring (in place of the security policies), along with a continuous learning process, in order to prevent non-permissible program behavior. We implemented the proposed framework using the PIN dynamic binary instrumentation tool from Intel and the Xen virtual machine monitor, and evaluated the utility and performance of the proposed methodology using several benchmarks and attack data sets. Our eval-uation demonstrates almost 100% coverage for the considered software vulnerabilities, including buffer overflows, race conditions, link attacks, memory vulnerabilities, and NULL-pointer referencing. Execution time overheads of 38.42X and 1.46X are imposed on program execution in the Testing and Real environments, respectively, indicating the poten-tial of the proposed approach in preventing vulnerability exploits with acceptable overheads.