Variable Record Table: A Unified Hardware-Assisted Framework for Runtime Security
Suraj Kumar Sah, Love Kumar Sah
TL;DR
The paper tackles memory-safety violations, control-flow hijacking, and speculative execution threats by introducing the Variable Record Table (VRT), a unified hardware framework. VRT dynamically instruments runtime instructions to build a shared metadata table of variable bounds, control-flow signatures, and speculative access patterns, enabling parallel checks in a single clock cycle. The approach achieves zero runtime instruction overhead with modest hardware costs (about 1.98% area and ~11.65 μW power) and demonstrates complete attack detection across MiBench/SPEC benchmarks, with a memory footprint under tens of kilobytes. This unified, hardware-assisted solution eliminates gaps between disparate protections and offers practical protection for modern processors without ISA changes.
Abstract
Modern computing systems face security threats, including memory corruption attacks, speculative execution vulnerabilities, and control-flow hijacking. Although existing solutions address these threats individually, they frequently introduce performance overhead and leave security gaps. This paper presents a Variable Record Table (VRT) with a unified hardware-assisted framework that simultaneously enforces spatial memory safety against buffer overflows, back-edge control-flow integrity (CFI), and speculative execution attack detection. The VRT dynamically constructs a protection table by instrumenting runtime instructions to extract memory addresses, bounds metadata, and control-flow signatures. Our evaluation across MiBench and SPEC benchmarks shows that VRT successfully detects all attack variants tested with zero additional instruction overhead. Furthermore, it keeps memory requirements below 25KB (for 512 entries) and area / power overhead under 8% and 11.65 μW, respectively. By consolidating three essential security mechanisms into a single hardware structure, VRT provides comprehensive protection while minimizing performance impact.
