HardScope: Hardening Embedded Systems Against Data-Oriented Attacks

Loading...
Thumbnail Image
Journal Title
Journal ISSN
Volume Title
Conference article in proceedings
Date
2019-06-02
Major/Subject
Mcode
Degree programme
Language
en
Pages
6
Series
Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019, Proceedings - Design Automation Conference
Abstract
Memory-unsafe programming languages like C and C++ leave many (embedded) systems vulnerable to attacks like control-flow hijacking. However, defenses against control-flow attacks, such as (fine-grained) randomization or control-flow integrity are in-effective against data-oriented attacks and more expressive Data-oriented Programming (DOP) attacks that bypass state-of-the-art defenses. We propose run-time scope enforcement (RSE), a novel approach that efficiently mitigates all currently known DOP attacks by enforcing compile-time memory safety constraints like variable visibility rules at run-time. We present Hardscope, a proof-of-concept implementation of hardware-assisted RSE for RISC-V, and show it has a low performance overhead of 3.2% for embedded benchmarks.
Description
| openaire: EC/H2020/643964/EU//SUPERCLOUD
Keywords
Other note
Citation
Nyman, T, Dessouky, G, Zeitouni, S, Lehikoinen, A, Paverd, A, Asokan, N & Sadeghi, A-R 2019, HardScope: Hardening Embedded Systems Against Data-Oriented Attacks . in Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019 ., 63, Proceedings - Design Automation Conference, ACM, Design Automation Conference, Las Vegas, Nevada, United States, 02/06/2019 . https://doi.org/10.1145/3316781.3317836