AVRAND: A Software-Based Defense Against Code Reuse Attacks for AVR Embedded Devices

Pastrana, Sergio; Tapiador, Juan E.; Suárez-Tangil, Guillermo; Peris-López, Pedro

doi:10.1007/978-3-319-40667-1_4

Cited by 10 publications

(3 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this respect, we believe that such security threats against real-time MCS are realistic and require immediate attentions from security communities. There have been numerous memory corruption vulnerabilities in such systems [1]-[4], [40], [49]. In addition to the memory corruption issues that we discovered from the real-time MCS that we tested ( §VI-B1), we also observed that almost 50% of all security-related patches on the MCS firmware were related to resolving memory corruption vulnerabilities [19].…”

Section: Threat Model and Assumptionsmentioning

confidence: 96%

“…In addition, all software modules, such as applications, libraries, device drivers, and the OS, are executed in the same privilege mode (i.e., the privileged mode) and have access to the entire shared memory space. This makes the memory space a large attack surface open to attackers who could successfully compromise any of the software modules by exploiting a memory corruption vulnerability in real-time MCS, as demonstrated in previous incidents [1]-[4], [40], [49]. For instance, an attacker may exploit a buffer overflow vulnerability in a telnet server through Wi-Fi in a UAV [40] and navigate through the memory space to corrupt critical software and hardware components, such as the flight control program and actuators, to maliciously operate the vehicle.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Securing Real-Time Microcontroller Systems through Customized Memory View Switching

Kim

Choi

et al. 2018

Proceedings 2018 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Real-time microcontrollers have been widely adopted in cyber-physical systems that require both real-time and security guarantees. Unfortunately, security is sometimes traded for real-time performance in such systems. Notably, memory isolation, which is one of the most established security features in modern computer systems, is typically not available in many real-time microcontroller systems due to its negative impacts on performance and violation of real-time constraints. As such, the memory space of these systems has created an open, monolithic attack surface that attackers can target to subvert the entire systems. In this paper, we present MINION, a security architecture that intends to virtually partition the memory space and enforce memory access control of a real-time microcontroller. MINION can automatically identify the reachable memory regions of realtime processes through off-line static analysis on the system's firmware and conduct run-time memory access control through hardware-based enforcement. Our evaluation results demonstrate that, by significantly reducing the memory space that each process can access, MINION can effectively protect a microcontroller from various attacks that were previously viable. In addition, unlike conventional memory isolation mechanisms that might incur substantial performance overhead, the lightweight design of MINION is able to maintain the real-time properties of the microcontroller.

show abstract

Section: Threat Model and Assumptionsmentioning

confidence: 96%

Section: Introductionmentioning

confidence: 99%

Securing Real-Time Microcontroller Systems through Customized Memory View Switching

Kim

Choi

et al. 2018

Proceedings 2018 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…Francillon et al [22] propose a similar hardware architecture in which the safe-stack is accessible only to return and call instructions. AVRAND by Pastrana et al [44] constitutes a software-based defense against code reuse attacks for AVR devices. HAFIX [15] is a hardware-based CFI solution for the Intel Siskiyou Peak and SPARC embedded system architectures.…”

Section: Related Workmentioning

confidence: 99%

CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers

Nyman

Ekberg²,

Davi

et al. 2017

Research in Attacks, Intrusions, and Defenses

View full text Add to dashboard Cite

With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices. Control-flow integrity (CFI) is a promising and generic defense technique against these attacks. However, given the nature of IoT deployments, existing protection mechanisms for traditional computing environments (including CFI) need to be adapted to the IoT setting. In this paper, we describe the challenges of enabling CFI on microcontroller (MCU) based IoT devices. We then present CaRE, the first interrupt-aware CFI scheme for low-end MCUs. CaRE uses a novel way of protecting the CFI metadata by leveraging TrustZone-M security extensions introduced in the ARMv8-M architecture. Its binary instrumentation approach preserves the memory layout of the target MCU software, allowing pre-built bare-metal binary code to be protected by CaRE. We describe our implementation on a Cortex-M Prototyping System and demonstrate that CaRE is secure while imposing acceptable performance and memory impact. 1

show abstract

Efficient Load-Time Diversity for an Embedded Real-Time Operating System

Fellmuth

Hartmer

Skowronek

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

AVRAND: A Software-Based Defense Against Code Reuse Attacks for AVR Embedded Devices

Cited by 10 publications

References 16 publications

Securing Real-Time Microcontroller Systems through Customized Memory View Switching

Securing Real-Time Microcontroller Systems through Customized Memory View Switching

CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers

Efficient Load-Time Diversity for an Embedded Real-Time Operating System

Contact Info

Product

Resources

About