EPA-RIMM constitutes an effective inspection capability that targets stealthy host software rootkits. With an extensible, performance-aware, and effective SMM-RIMM, rootkit developers cannot count on a lack of detection. Providing a usable scheduling mechanism for measurement SMIs also presents a method to bring order to the scheduling of an important class of platform management tasks. As we advanced the SMM-RIMM concept, there were some established system techniques that we were able to draw from, such as the knapsack problem and real-time operating system schedulers; other aspects, however, required original thinking. As the prevalent approach of unbounded time in SMM for rootkit detection was infeasible, we researched and identified methods of decomposing large measurements into smaller portions to fit within an SMI time quantum. We demonstrate the merits of measurement decomposition, priority-based scheduling, and aging to prevent measurement task starvation. As entries and exits from SMM consume time that would otherwise be used for processing, there is a risk of the overheads from transitioning into and out of SMM becoming the dominating cost. Therefore, we maximize the amount of work performed in an SMM session up to the specified limit. With this approach, negative system impacts due to prolonged periods of SMM execution can be avoided and effective rootkit detection performed with minimal impact. We further optimize EPA-RIMM’s performance by implementing an SMM-RIMM variant of Paradyn’s performance hypothesis, focused instead on identifying rootkits.
1.3.1 First Linkage of SMI Latency Guidelines and Performance Impacts to SMM-RIMMs
At the outset of this work, the state of the art for SMM-based runtime integrity measurement mechanisms consisted of (1) SMI durations that greatly exceeded the Intel BIOS Test Suite (BITS) SMI latency guideline of 150µs, and (2) unbounded SMI time. This Intel-designed tool generates alerts if detected SMI durations exceed 150µs; however, SMM-RIMM developers did not limit SMI time in their designs, and the consequences of exceeding the threshold were not clearly demonstrated. In our paper, "Performance Implications of System Management Mode", we tied the SMI latency guideline (LimitSMIBITS) for the first time to SMM-RIMMs and, based on detailed measurements, demonstrated a wide range of negative impacts when the guideline was exceeded, including kernel correctness issues, performance degradations, and increased power usage [23].
Our performance analysis impacted the design of an HP Labs and CentraleSupélec SMM attack detection mechanism, as they targeted their mechanism to support the 150µs SMI latency guideline to which we proposed adherence, noting "The Intel BIOS Test Suite (BITS) defined the acceptable latency of an SMI to 150µs. Delgado and Karavanic showed that, if the latency exceeds this threshold, it causes a degradation of performance (I/O throughput or CPU time) or user experience (e.g., severe drop in frame rates in game engines) [18]." Our SMI performance characterization also provided insights for researchers from UCLA and Microsoft who referred to our performance analysis of SMM [23], noting that "Delgado et al. ... were the first to experimentally expose the performance implications of Intel’s System Management Mode (SMM), which is often used for memory error reporting (and which we discuss in this work). They observed inconsistent Linux kernel performance and reduced quality-of-service (QOS) from SMM on latency-sensitive user applications [35]."
Chapter 1. Introduction 22
These citations reflect the new awareness of SMM performance impacts that our measurements and analysis have contributed. The design of the HP Labs and CentraleSupélec SMM attack detection, which adhered to the 150µs SMI latency guideline, demonstrates the impact of our SMM performance measurement methodology and our linkage of the SMI latency guideline to SMM-RIMM performance.
1.3.2 First performance-aware SMM-RIMM design incorporating measurement decomposition
EPA-RIMM’s ability to flexibly schedule integrity measurements with sensitivity to the current threat level provides the ability to dynamically increase the amount of security inspection during times when systems in an enterprise are experiencing heightened attack activity. This allows system impacts to be tuned to acceptable tolerances in the general case, while also providing a new ability to increase the amount of inspection when needed. Our method demonstrates that it is possible to take longer-running measurements and decompose them into smaller components that can be scheduled in accordance with SMI latency bounds. To allow us to evaluate differing approaches to RIMM scheduling, we created a scheduler simulator that allows the evaluation of changing key scheduler parameters to investigate their impacts.
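As an added illustration (not the dissertation's own simulator or prototype code), the following Python sketch combines the three scheduling ideas described above: decomposing a long measurement into pieces that fit an SMI quantum, filling each SMI session up to the 150µs BITS budget, and aging so that a low-priority check is not starved by a long high-priority one. The chunk size, check names, costs and priorities are constructed sample values, not figures from the page.

```python
from dataclasses import dataclass, field

SMI_BUDGET_US = 150  # BITS SMI latency guideline, used here as the per-session budget
CHUNK_US = 50        # assumed maximum cost of one decomposed measurement piece


@dataclass
class Measurement:
    name: str
    cost_us: int                 # total time to measure the resource (e.g. hash a region)
    priority: int                # higher runs first
    age: int = 0                 # incremented every session the task is skipped
    remaining: list = field(default_factory=list)

    def decompose(self):
        # Split one long measurement into pieces that each fit inside an SMI quantum.
        full, rem = divmod(self.cost_us, CHUNK_US)
        self.remaining = [CHUNK_US] * full + ([rem] if rem else [])

    def effective_priority(self):
        return self.priority + self.age   # aging lifts starved tasks up the ranking


def schedule(tasks, budget_us=SMI_BUDGET_US):
    """Simulate SMI sessions; return a list of sessions, each a list of (name, chunk_us)."""
    assert CHUNK_US <= budget_us, "a single piece must fit in one session"
    for t in tasks:
        t.decompose()
    sessions, pending = [], [t for t in tasks if t.remaining]
    while pending:
        used, session, served = 0, [], set()
        # Greedy fill: highest effective priority first, pack pieces until the budget is spent.
        for t in sorted(pending, key=lambda t: -t.effective_priority()):
            while t.remaining and used + t.remaining[0] <= budget_us:
                chunk = t.remaining.pop(0)
                used += chunk
                session.append((t.name, chunk))
                served.add(t.name)
        for t in pending:                  # reset age when served, otherwise age the task
            t.age = 0 if t.name in served else t.age + 1
        sessions.append(session)
        pending = [t for t in pending if t.remaining]
    return sessions


def run_demo():
    # Constructed workload: two high-priority checks, one of them long, and a cheap
    # low-priority register check that would otherwise wait for the long hash to finish.
    return schedule([Measurement("kernel_text_hash", 900, 5),
                     Measurement("idt_hash", 100, 5),
                     Measurement("cr_regs", 20, 1)])
```

With these values the register check is served in the sixth session, once its age has lifted it above the still-running kernel text hash, rather than in the last session.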
Our SMI latency system impact measurements establish guardrails that help keep maximum SMM-RIMM preemptions at desired levels while also allowing additional headroom for enhanced detection when it is needed. To accomplish this performance analysis, we created an SMM performance measurement methodology and utilized it to conduct a detailed performance characterization of SMM. Our analysis was the first in-depth study of the impacts of SMM on hypervisors, operating systems, device drivers, and applications. This performance analysis provided the necessary empirical results to allow us to re-design SMM-RIMM scheduling and demonstrate a mechanism for scheduling platform tasks in an orderly manner. Loutfi notes that EPA-RIMM is a "novel" way of using SMM for non-traditional purposes [69].
1.3.3 First application of measurement triggers to SMM-RIMM
SMM-RIMMs have traditionally featured measurements that were timer-based. EPA-RIMM’s approach allows for reducing the number of measurements required to evaluate hypotheses regarding the system state. This approach leverages measurement triggers that schedule less-intensive measurements first to determine whether more intensive measurements need to be run to further evaluate the hypothesis. EPA-RIMM supports this capability using the Diagnosis Manager and flexible Check descriptions. This new capability is a first for SMM-RIMMs and can significantly reduce the amount of SMM measurement time required to evaluate a hypothesis.
1.3.4 First SMM-RIMM Benchmark: EPA-RIMM Bench
Runtime security inspections have the essential property that performance efficiency is a key concern. With a virtually unlimited set of resources to measure and re-measure over time, the amount of security inspection that can be performed without degrading the user experience beyond acceptable tolerances requires quantification. As processor performance and the degree of parallelism increase, the achievable measurement rate increases, resulting in a reduced time to discover attacks. Additionally, EPA-RIMM could support a variety of hashing, encryption, and message authentication code algorithms, each of which has its own performance and security characteristics. EPA-RIMM Bench provides the ability to directly quantify achievable SMM integrity measurement performance, allowing careful performance analysis to support important design and implementation decisions.
1.3.5 First Publicly-Available SMM-RIMM Prototype
Before our work, there had been no public release of an SMM-RIMM. We constructed a functional EPA-RIMM prototype that allows research into SMM-based runtime integrity measurement and accompanying performance measurements. With this prototype, we have demonstrated its ability to detect rootkit attacks and also quantified the impact of the RIMM’s fundamental operations of register accesses and memory hashes. We provide our prototype to allow researchers to build upon the framework. Taken together, these improvements remove key limitations that reduce the practicality and effectiveness of SMM-RIMMs and show that the approach can be an implementable and useful mechanism for detecting host software rootkits. The ideal outcome of this work would be the availability of the EPA-RIMM framework that provides this new capability to aid in the detection of rootkits, and a community of security researchers who would develop and share checks for the architecture.