Michele Grisafi, M. Ammar, Marco Roveri, Bruno Crispo
{"title":"FLAShadow: A Flash-based Shadow Stack for Low-end Embedded Systems","authors":"Michele Grisafi, M. Ammar, Marco Roveri, Bruno Crispo","doi":"10.1145/3670413","DOIUrl":null,"url":null,"abstract":"Run-time attacks are a rising threat to both low- and high-end systems, with the spread of techniques like Return Oriented Programming (ROP) that aim at hijacking the control flow of vulnerable applications. Although several control flow integrity schemes have been proposed by both academia and the industry, the vast majority of them are not compatible with low-end embedded devices, especially the ones that lack hardware security features.\n \n In this paper, we propose\n FLAShadow\n , a secure shadow stack design and implementation for low-end embedded systems, relying on zero hardware security features. The key idea is to leverage a software-based memory isolation mechanism to establish an integrity-protected memory area on the Flash of the target device, where\n FLAShadow\n can be securely maintained.\n FLAShadow\n exclusively reserves a register for maintaining the integrity of the stack pointer and also depends on a minimal trusted run-time component to avoid trusting the compiler toolchain. We evaluate an open-source implementation of\n FLAShadow\n for the MSP430 architecture, showing an average performance and memory overhead of 168.58% and 25.91% respectively. While the average performance overhead is considered high, we show that it is application-dependent and incurs less than 5% for some applications.\n","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":3.5000,"publicationDate":"2024-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Internet of Things","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3670413","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Run-time attacks are a rising threat to both low- and high-end systems, with the spread of techniques like Return Oriented Programming (ROP) that aim at hijacking the control flow of vulnerable applications. Although several control flow integrity schemes have been proposed by both academia and the industry, the vast majority of them are not compatible with low-end embedded devices, especially the ones that lack hardware security features.
In this paper, we propose
FLAShadow
, a secure shadow stack design and implementation for low-end embedded systems, relying on zero hardware security features. The key idea is to leverage a software-based memory isolation mechanism to establish an integrity-protected memory area on the Flash of the target device, where
FLAShadow
can be securely maintained.
FLAShadow
exclusively reserves a register for maintaining the integrity of the stack pointer and also depends on a minimal trusted run-time component to avoid trusting the compiler toolchain. We evaluate an open-source implementation of
FLAShadow
for the MSP430 architecture, showing an average performance and memory overhead of 168.58% and 25.91% respectively. While the average performance overhead is considered high, we show that it is application-dependent and incurs less than 5% for some applications.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
