HardScope: Hardening Embedded Systems Against Data-Oriented Attacks
Loading...
Access rights
openAccess
URL
Journal Title
Journal ISSN
Volume Title
A4 Artikkeli konferenssijulkaisussa
This publication is imported from Aalto University research portal.
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
Other link related to publication (opens in new window)
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
Other link related to publication (opens in new window)
Date
2019-06-02
Department
Major/Subject
Mcode
Degree programme
Language
en
Pages
6
Series
Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019, Proceedings - Design Automation Conference
Abstract
Memory-unsafe programming languages like C and C++ leave many (embedded) systems vulnerable to attacks like control-flow hijacking. However, defenses against control-flow attacks, such as (fine-grained) randomization or control-flow integrity are in-effective against data-oriented attacks and more expressive Data-oriented Programming (DOP) attacks that bypass state-of-the-art defenses. We propose run-time scope enforcement (RSE), a novel approach that efficiently mitigates all currently known DOP attacks by enforcing compile-time memory safety constraints like variable visibility rules at run-time. We present Hardscope, a proof-of-concept implementation of hardware-assisted RSE for RISC-V, and show it has a low performance overhead of 3.2% for embedded benchmarks.Description
| openaire: EC/H2020/643964/EU//SUPERCLOUD
Keywords
Other note
Citation
Nyman, T, Dessouky, G, Zeitouni, S, Lehikoinen, A, Paverd, A, Asokan, N & Sadeghi, A-R 2019, HardScope: Hardening Embedded Systems Against Data-Oriented Attacks . in Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019 ., 63, Proceedings - Design Automation Conference, ACM, Design Automation Conference, Las Vegas, Nevada, United States, 02/06/2019 . https://doi.org/10.1145/3316781.3317836