A New Secure Memory System for Efficient Data Protection and Access Pattern Obfuscation
- URL: http://arxiv.org/abs/2402.15824v1
- Date: Sat, 24 Feb 2024 14:23:34 GMT
- Title: A New Secure Memory System for Efficient Data Protection and Access Pattern Obfuscation
- Authors: Haoran Geng, Yuezhi Che, Aaron Dingler, Michael Niemier, Xiaobo Sharon Hu
- Abstract summary: We introduce Secure Scattered Memory (SSM), a comprehensive security solution that preserves confidentiality of data content without encryption.
SSM is designed to inherently obscure memory access patterns, thereby significantly enhancing the confidentiality of memory data.
We also introduce SSM+, an extension that adapts Path ORAM to offer even greater security guarantees for both data content and memory access patterns.
- Score: 2.9925968208447182
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: As the reliance on secure memory environments permeates across applications, memory encryption is used to ensure memory security. However, most effective encryption schemes, such as the widely used AES-CTR, inherently introduce extra overheads, including those associated with counter storage and version number integrity checks. Moreover, encryption only protects data content, and it does not fully address the memory access pattern leakage. While Oblivious RAM (ORAM) aims to obscure these patterns, its high performance costs hinder practical applications. We introduce Secure Scattered Memory (SSM), an efficient scheme that provides a comprehensive security solution that preserves the confidentiality of data content without traditional encryption, protects access patterns, and enables efficient integrity verification. Moving away from traditional encryption-centric methods, SSM offers a fresh approach to protecting data content while eliminating counter-induced overheads. Moreover, SSM is designed to inherently obscure memory access patterns, thereby significantly enhancing the confidentiality of memory data. In addition, SSM incorporates lightweight, thus integrated mechanisms for integrity assurance, protecting against data tampering. We also introduce SSM+, an extension that adapts Path ORAM to offer even greater security guarantees for both data content and memory access patterns, demonstrating its flexibility and efficiency. Experimental results show that SSM incurs only a 10% performance overhead compared to non-protected memory and offers a 15% improvement over AES-CTR mode memory protection. Notably, SSM+ provides a 20% improvement against Path ORAM integrated with Intel SGX under the highest security guarantees.
Related papers
- DP-MemArc: Differential Privacy Transfer Learning for Memory Efficient Language Models [29.147695134795146]
We introduce DP-MemArc, a novel training framework aimed at reducing the memory costs of large language models.
DP-MemArc incorporates side network or reversible network designs to support a variety of differential privacy memory-efficient fine-tuning schemes.
arXiv Detail & Related papers (2024-06-16T22:11:41Z)
- ShadowBound: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization [24.4696797147503]
Heap corruption poses severe threats to system security.
We present ShadowBound, a unique heap memory protection design.
We implement ShadowBound atop the LLVM framework and integrated three state-of-the-art use-after-free defenses.
arXiv Detail & Related papers (2024-06-04T07:02:53Z)
- Safe LoRA: the Silver Lining of Reducing Safety Risks when Fine-tuning Large Language Models [51.20476412037321]
Fine-tuning large language models (LLMs) is necessary to enhance their performance for customized datasets, domain-specific tasks, or other private needs.
Safe LoRA is a one-liner patch to the original LoRA implementation by introducing the projection of LoRA weights from selected layers to the safety-aligned subspace.
Our experiments demonstrate that when fine-tuning on purely malicious data, Safe LoRA retains similar safety performance as the original aligned model.
arXiv Detail & Related papers (2024-05-27T05:04:05Z)
- MemLLM: Finetuning LLMs to Use An Explicit Read-Write Memory [49.96019697955383]
We introduce MemLLM, a novel method of enhancing knowledge capabilities by integrating a structured and explicit read-and-write memory module.
Our experiments indicate that MemLLM enhances performance and interpretability, in language modeling general and in particular.
We see MemLLM as an important step towards making LLMs more grounded and factual through memory augmentation.
arXiv Detail & Related papers (2024-04-17T18:13:16Z)
- Top of the Heap: Efficient Memory Error Protection of Safe Heap Objects [37.992322891101374]
Existing memory safety defenses aim at protecting all objects, resulting in high performance cost and incomplete protection.
We propose an approach that accurately identifies objects that are inexpensive to protect, and design a method to protect such objects comprehensively from all classes of memory errors.
arXiv Detail & Related papers (2023-10-10T08:04:08Z)
- SOCI^+: An Enhanced Toolkit for Secure Outsourced Computation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z)
- SemProtector: A Unified Framework for Semantic Protection in Deep Learning-based Semantic Communication Systems [51.97204522852634]
We present a unified framework that aims to secure an online semantic communications system with three semantic protection modules.
Specifically, these protection modules are able to encrypt semantics to be transmitted by an encryption method, mitigate privacy risks from wireless channels by a perturbation mechanism, and calibrate distorted semantics at the destination.
Our framework enables an existing online SC system to dynamically assemble the above three pluggable modules to meet customized semantic protection requirements.
arXiv Detail & Related papers (2023-09-04T06:34:43Z)
- Recurrent Dynamic Embedding for Video Object Segmentation [54.52527157232795]
We propose a Recurrent Dynamic Embedding (RDE) to build a memory bank of constant size.
We propose an unbiased guidance loss during the training stage, which makes SAM more robust in long videos.
We also design a novel self-correction strategy so that the network can repair the embeddings of masks with different qualities in the memory bank.
arXiv Detail & Related papers (2022-05-08T02:24:43Z)
- Plinius: Secure and Persistent Machine Learning Model Training [2.1375296464337086]
Persistent memory (PM) is resilient to power loss (unlike DRAM).
We present PLINIUS, a framework using Intel SGX enclaves for secure training of ML models and PM for fault tolerance guarantees.
arXiv Detail & Related papers (2021-04-07T08:35:59Z)
- Neural Network Compression for Noisy Storage Devices [71.4102472611862]
Conventionally, model compression and physical storage are decoupled.
This approach forces the storage to treat each bit of the compressed model equally, and to dedicate the same amount of resources to each bit.
We propose a radically different approach that: (i) employs analog memories to maximize the capacity of each memory cell, and (ii) jointly optimize model compression and physical storage to maximize memory utility.
arXiv Detail & Related papers (2021-02-15T18:19:07Z)
- Neural Storage: A New Paradigm of Elastic Memory [4.307341575886927]
Storage and retrieval of data in a computer memory plays a major role in system performance.
We introduce Neural Storage (NS), a brain-inspired learning memory paradigm that organizes the memory as a flexible neural memory network.
NS achieves an order of magnitude improvement in memory access performance for two representative applications.
arXiv Detail & Related papers (2021-01-07T19:19:25Z)