HardScope: Hardening Embedded Systems Against Data-Oriented Attacks
dc.contributor | Aalto-yliopisto | fi |
dc.contributor | Aalto University | en |
dc.contributor.author | Nyman, Thomas | en_US |
dc.contributor.author | Dessouky, Ghada | en_US |
dc.contributor.author | Zeitouni, Shaza | en_US |
dc.contributor.author | Lehikoinen, Aaro | en_US |
dc.contributor.author | Paverd, Andrew | en_US |
dc.contributor.author | Asokan, N. | en_US |
dc.contributor.author | Sadeghi, Ahmad-Reza | en_US |
dc.contributor.department | Department of Computer Science | en |
dc.contributor.groupauthor | Adj. Prof Asokan N. group | en |
dc.contributor.groupauthor | Helsinki Institute for Information Technology (HIIT) | en |
dc.contributor.organization | Technische Universität Darmstadt | en_US |
dc.contributor.organization | Department of Computer Science | en_US |
dc.date.accessioned | 2019-11-15T08:10:33Z | |
dc.date.available | 2019-11-15T08:10:33Z | |
dc.date.issued | 2019-06-02 | en_US |
dc.description | | openaire: EC/H2020/643964/EU//SUPERCLOUD | |
dc.description.abstract | Memory-unsafe programming languages like C and C++ leave many (embedded) systems vulnerable to attacks like control-flow hijacking. However, defenses against control-flow attacks, such as (fine-grained) randomization or control-flow integrity are in-effective against data-oriented attacks and more expressive Data-oriented Programming (DOP) attacks that bypass state-of-the-art defenses. We propose run-time scope enforcement (RSE), a novel approach that efficiently mitigates all currently known DOP attacks by enforcing compile-time memory safety constraints like variable visibility rules at run-time. We present Hardscope, a proof-of-concept implementation of hardware-assisted RSE for RISC-V, and show it has a low performance overhead of 3.2% for embedded benchmarks. | en |
dc.description.version | Peer reviewed | en |
dc.format.extent | 6 | |
dc.format.mimetype | application/pdf | en_US |
dc.identifier.citation | Nyman, T, Dessouky, G, Zeitouni, S, Lehikoinen, A, Paverd, A, Asokan, N & Sadeghi, A-R 2019, HardScope: Hardening Embedded Systems Against Data-Oriented Attacks . in Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019 ., 63, Proceedings - Design Automation Conference, ACM, Design Automation Conference, Las Vegas, Nevada, United States, 02/06/2019 . https://doi.org/10.1145/3316781.3317836 | en |
dc.identifier.doi | 10.1145/3316781.3317836 | en_US |
dc.identifier.isbn | 978-1-7281-2426-1 | |
dc.identifier.isbn | 978-1-4503-6725-7 | |
dc.identifier.issn | 0738-100X | |
dc.identifier.other | PURE UUID: 105ecb92-f226-4e16-bcf3-37a2377b2615 | en_US |
dc.identifier.other | PURE ITEMURL: https://research.aalto.fi/en/publications/105ecb92-f226-4e16-bcf3-37a2377b2615 | en_US |
dc.identifier.other | PURE LINK: https://arxiv.org/abs/1705.10295 | en_US |
dc.identifier.other | PURE FILEURL: https://research.aalto.fi/files/38543245/hardscope_authorversion.pdf | en_US |
dc.identifier.uri | https://aaltodoc.aalto.fi/handle/123456789/41234 | |
dc.identifier.urn | URN:NBN:fi:aalto-201911156239 | |
dc.language.iso | en | en |
dc.publisher | ACM/IEEE | |
dc.relation | info:eu-repo/grantAgreement/EC/H2020/643964/EU//SUPERCLOUD | en_US |
dc.relation.ispartof | Design Automation Conference | en |
dc.relation.ispartofseries | Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019 | en |
dc.relation.ispartofseries | Proceedings - Design Automation Conference | en |
dc.rights | openAccess | en |
dc.title | HardScope: Hardening Embedded Systems Against Data-Oriented Attacks | en |
dc.type | A4 Artikkeli konferenssijulkaisussa | fi |
dc.type.version | acceptedVersion |