RIM4J: An Architecture for Language-Supported Runtime Measurement against Malicious Bytecode in Cloud Computing
While cloud customers can benefit from migrating applications to the cloud, they are concerned about the security of the hosted applications. This is complicated by the customers not knowing whether their cloud applications are working as expected. Although memory-safety Java Virtual Machine (JVM) c...
Main Authors: | Haihe Ba, Huaizhe Zhou, Huidong Qiao, Zhiying Wang, Jiangchun Ren |
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG 2018-07-01 |
Series: | Symmetry |
Subjects: | Java bytecode; runtime measurement; cloud security; trusted computing |
Online Access: | http://www.mdpi.com/2073-8994/10/7/253 |
id |
doaj-6f8a112236a7484780d7a05c9b0721d3 |
---|---|
record_format |
Article |
spelling |
doaj-6f8a112236a7484780d7a05c9b0721d3; 2020-11-24T22:25:26Z; eng; MDPI AG; Symmetry; 2073-8994; 2018-07-01; 10; 7; 253; 10.3390/sym10070253; sym10070253; RIM4J: An Architecture for Language-Supported Runtime Measurement against Malicious Bytecode in Cloud Computing; Haihe Ba (0), Huaizhe Zhou (1), Huidong Qiao (2), Zhiying Wang (3), Jiangchun Ren (4), all at College of Computer, National University of Defense Technology, Changsha 410073, China; While cloud customers can benefit from migrating applications to the cloud, they are concerned about the security of the hosted applications. This is complicated by the customers not knowing whether their cloud applications are working as expected. Although memory-safety Java Virtual Machine (JVM) can alleviate their anxiety due to the control flow integrity, their applications are prone to a violation of bytecode integrity. The analysis of some Java exploits indicates that the violation results primarily from the given excess sandbox permission, loading flaws in Java class libraries and third-party middlewares and the abuse of sun.misc.Unsafe API. To such an end, we design an architecture, called RIM4J, to enforce a runtime integrity measurement of Java bytecode within a cloud system, with the ability to attest this to a cloud customer in an unforgeable manner. Our RIM4J architecture is portable, such that it can be quickly deployed and adopted for real-world purposes, without requiring modifications to the underlying systems and access to application source code. Moreover, our RIM4J architecture is the first to measure dynamically-generated bytecode. We apply our runtime measurement architecture to a messaging server application where we show how RIM4J can detect undesirable behaviors, such as uploading arbitrary files and remote code execution. This paper also reports the experimental evaluation of a RIM4J prototype using both a macro- and a micro-benchmark; the experimental results indicate that RIM4J is a practical solution for real-world applications.; http://www.mdpi.com/2073-8994/10/7/253; Java bytecode; runtime measurement; cloud security; trusted computing |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Haihe Ba, Huaizhe Zhou, Huidong Qiao, Zhiying Wang, Jiangchun Ren |
title |
RIM4J: An Architecture for Language-Supported Runtime Measurement against Malicious Bytecode in Cloud Computing |
publisher |
MDPI AG |
series |
Symmetry |
issn |
2073-8994 |
publishDate |
2018-07-01 |
description |
While cloud customers can benefit from migrating applications to the cloud, they are concerned about the security of the hosted applications. This is complicated by the customers not knowing whether their cloud applications are working as expected. Although memory-safety Java Virtual Machine (JVM) can alleviate their anxiety due to the control flow integrity, their applications are prone to a violation of bytecode integrity. The analysis of some Java exploits indicates that the violation results primarily from the given excess sandbox permission, loading flaws in Java class libraries and third-party middlewares and the abuse of sun.misc.Unsafe API. To such an end, we design an architecture, called RIM4J, to enforce a runtime integrity measurement of Java bytecode within a cloud system, with the ability to attest this to a cloud customer in an unforgeable manner. Our RIM4J architecture is portable, such that it can be quickly deployed and adopted for real-world purposes, without requiring modifications to the underlying systems and access to application source code. Moreover, our RIM4J architecture is the first to measure dynamically-generated bytecode. We apply our runtime measurement architecture to a messaging server application where we show how RIM4J can detect undesirable behaviors, such as uploading arbitrary files and remote code execution. This paper also reports the experimental evaluation of a RIM4J prototype using both a macro- and a micro-benchmark; the experimental results indicate that RIM4J is a practical solution for real-world applications. |
topic |
Java bytecode; runtime measurement; cloud security; trusted computing |
url |
http://www.mdpi.com/2073-8994/10/7/253 |