Abstract: Rapid evolution of security attacks presents a perpetual challenge to computer system defenders in terms of continuously upgrading their defense capabilities and being aware of adversarial tactics. Emerging technologies like cyber-deception offer the unique advantage of intelligently surveying hostile behavior while actively safeguarding sensitive assets by manipulating the malware execution flow to non-useful states or misrepresenting critical data. This paper explores the untapped potential of a hardware-assisted cyber-deception framework that augments a contemporary processor's abilities to realize a proactive deception platform. We present MAYAVI, a load/store unit-based hardware deception engine that dynamically alters the target addresses of memory requests issued by a malicious process. The redirected requests can lead to honey-pots that actively engage and deceive the adversary. Our experimental results show MAYAVI's efficacy against recent malware families while incurring negligible performance impact.