Valkyrie: A Response Framework to Augment Runtime Detection of Time-Progressive Attacks

TL;DR

Valkyrie addresses the usability gap of real-time detectors by introducing a detector-agnostic post-detection framework that throttles time-progressive attacks and only terminates after achieving a user-defined detection efficacy $N^*$. It leverages a threat index built from detector inferences, penalty and compensation updates, and a configurable actuator to throttle CPU, memory, network, and filesystem resources, thereby slowing attacks without prematurely terminating benign processes. The approach is validated across micro-architectural attacks, rowhammer, ransomware, and cryptominers, showing substantial attack slowdowns and low overhead for benign workloads, illustrating practical utility on resource-constrained systems and offering a flexible, generalizable direction for post-detection defense research.

Abstract

A popular approach to detect cyberattacks is to monitor systems in real-time to identify malicious activities as they occur. While these solutions aim to detect threats early, minimizing damage, they suffer from a significant challenge due to the presence of false positives. False positives have a detrimental impact on computer systems, which can lead to interruptions of legitimate operations and reduced productivity. Most contemporary works tend to use advanced Machine Learning and AI solutions to address this challenge. Unfortunately, false positives can, at best, be reduced but not eliminated. In this paper, we propose an alternate approach that focuses on reducing the impact of false positives rather than eliminating them. We introduce Valkyrie, a framework that can enhance any existing runtime detector with a post-detection response. Valkyrie is designed for time-progressive attacks, such as micro-architectural attacks, rowhammer, ransomware, and cryptominers, that achieve their objectives incrementally using system resources. As soon as an attack is detected, Valkyrie limits the allocated computing resources, throttling the attack, until the detector's confidence is sufficiently high to warrant a more decisive action. For a false positive, limiting the system resources only results in a small increase in execution time. On average, the slowdown incurred due to false positives is less than 1% for single-threaded programs and 6.7% for multi-threaded programs. On the other hand, attacks like rowhammer are prevented, while the potency of micro-architectural attacks, ransomware, and cryptominers is greatly reduced.

Figures (6)

• Figure 1: Detection efficacy of various models similar to existing works with respect to the number of runtime measurements captured by the detector and elapsed time. The user of a detection solution can specify the desired level of detection efficacy.
• Figure 2: An overview of Valkyrie post-detection response framework augmenting a runtime detector. In an offline phase, users can specify the detection efficacy required based on the application, and Valkyrie determines the number of measurements required to achieve it. The detector provides an inference for a process periodically during execution, which is used by Valkyrie to determine the threat index of the process. Based on the threat index and the number of measurements, Valkyrie responds with a modification in available resources for the process or termination.
• Figure 3: The state transitions of a process ${\tt t}$ with Valkyrie. The process starts in the normal state (${\tt T}_i^{\tt t} = 0$) and transitions to a suspicious state if it gets classified as malicious ($\mathcal{D}({\tt t},i) = \text{malicious}$, thus ${\tt T}_i^{\tt t} > 0$). The process ${\tt t}$ can remain in the suspicious state (${\tt T}_i^{\tt t} > 0$) or return to a normal state (${\tt T}_i^{\tt t} = 0$) based on its execution behavior. Once the detector accumulates the number of measurements to achieve the detection efficacy specified by the user (${\tt N}_i^{\tt t} \geq {\tt N^*}$), the process switches to the terminable state from normal or suspicious. The process ${\tt t}$ in terminable state gets terminated if the detector classifies it as malicious ($\mathcal{D}({\tt t},i) = \text{malicious}$) or if ${\tt t}$ completes execution.
• Figure 4: The impact of Valkyrie on the progress of various micro-architectural attacks.
• Figure 5: (a) Slowdowns with Valkyrie on programs from different benchmark suites including SPEC-2006 SPEC2006, SPEC-2017 spec2017, SPECView13 specviewperf13, STREAM McCalpin:2007:stream and multi-threaded SPEC-2017 spec2017 due to false positives. (b) Slowdowns due to false positives with different post-detection strategies for micro-architectural attacks, i.e., system migration, CPU core migration, and Valkyrie.