Umeå University's logo

umu.sePublikasjoner
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Investigating Trade-Offs in Mitigating Double-Fetches Introduced by Compile-Time Optimizations: Analysing the Impact of Security Measures on Software Performance
Umeå universitet, Teknisk-naturvetenskapliga fakulteten, Institutionen för datavetenskap.
2024 (engelsk)Independent thesis Basic level (degree of Bachelor), 10 poäng / 15 hpOppgave
Abstract [en]

In software security, balancing the need for robust protection with performance considerations is a critical challenge. Mitigation techniques are essential to defend against various types of attacks, but they can also introduce performance overheads. Meanwhile, compilers provide optimizations that aim to enhance performance but inadvertently introduce security vulnerabilities, such as double-fetches. This thesis explores the trade-offs associated with disabling compiler optimisation options to enhance security against such vulnerabilities. By examining various optimisation levels (-O1, -O2, -O3, -Ofast) in GNU Compiler Collectio (GCC) and  LLVM compilers, we quantitatively analyse their impact on execution time, memory usage, and complexity of the binaries. Our study reveals that while opting out of optimisations can significantly improve security by eliminating double-fetch bugs, it also leads to increased execution time and larger binary sizes. These findings underscore developers' need to make informed choices about optimisations,  balancing security concerns with performance requirements. This work contributes to a deeper understanding of the security-performance trade-offs in software development and provides a foundation for further research into compiler optimisations and security.

sted, utgiver, år, opplag, sider
2024. , s. 21
Serie
UMNAD ; 1475
Emneord [en]
Mitigation, Program Analysis, Performance, CFI-bypass
HSV kategori
Identifikatorer
URN: urn:nbn:se:umu:diva-226836OAI: oai:DiVA.org:umu-226836DiVA, id: diva2:1875111
Eksternt samarbeid
Nasdaq Technology AB
Utdanningsprogram
Bachelor of Science Programme in Computing Science
Veileder
Examiner
Tilgjengelig fra: 2024-06-26 Laget: 2024-06-20 Sist oppdatert: 2024-06-26bibliografisk kontrollert

Open Access i DiVA

fulltext(2565 kB)88 nedlastinger
Filinformasjon
Fil FULLTEXT01.pdfFilstørrelse 2565 kBChecksum SHA-512
a4bea26dbd9488998fe193fc018a20b97a4d88acd04bdb85d8d452f2be8643219aa58b2d4767abaa8303de7857f92c13032329c885d0375438b808c614d933cb
Type fulltextMimetype application/pdf

Søk i DiVA

Av forfatter/redaktør
Fransson, William
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 88 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

urn-nbn

Altmetric

urn-nbn
Totalt: 350 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf