Programs are developed in a manner so that they execute and fulfill their intended purpose. In doing so, programmers trust the language to help them achieve their goals. Binary hardening is one such concept that prevents program behavior deviation and conveys the programmer’s intention. Therefore, to maintain the integrity of the program, measures need to be taken to avoid code-tampering. The proposed approach enforces code verification from instruction-to-instruction by using the programmer’s intended control flow. UnderTracker implements execution flow at the instruction cache by utilizing the read-only data-cache available in the program. The key idea is to place a control transfer code in data-cache and call it from instruction cache via labels. UnderTracker injects labels into the binary without affecting the semantics of the program. After the code execution starts, it verifies every control point’s legality before passing the control to the next instruction, by passively monitoring the execution flow. We proposed a cache-based monitoring method to verify code integrity. In this, we used side-channel information to monitor the program’s execution state. This monitoring system uses a sliding window scheme to detect the violation of code integrity with high reliability. This paper proposes an efficient technique, called UnderTracker to strengthen the binary integrity of an I/O intensive running program, with the nominal overhead of only 5-6% on top of the normal execution.

程序的开发方式使其可以执行并实现其预期目的。这样，程序员相信该语言可以帮助他们实现目标。二进制强化就是这样一种概念，它可以防止程序行为偏差并传达程序员的意图。因此，为了保持程序的完整性，需要采取措施来避免代码篡改。所提出的方法通过使用程序员的预期控制流从指令到指令强制执行代码验证。UnderTracker通过利用程序中可用的只读数据缓存在指令缓存处实现执行流程。关键思想是将控制转移代码放入数据缓存中，并通过标签从指令缓存中调用它。追踪者将标签注入二进制文件，而不会影响程序的语义。代码执行开始后，它将通过被动监视执行流来验证每个控制点的合法性，然后再将控制权传递给下一条指令。我们提出了一种基于缓存的监视方法来验证代码的完整性。在本文中，我们使用了边通道信息来监视程序的执行状态。该监视系统使用滑动窗口方案以高可靠性检测违反代码完整性的行为。本文提出了一种称为UnderTracker的有效技术，以增强I / O密集型运行程序的二进制完整性，在正常执行之上，其名义开销仅为5-6％。