Presentation is loading. Please wait.

Presentation is loading. Please wait.

On-Chip Control Flow Integrity Check for Real Time Embedded Systems Fardin Abdi Taghi Abad, Joel Van Der Woude, Yi Lu, Stanley Bak, Marco Caccamo, Lui.

Published byBarbra Hoover Modified over 8 years ago

Similar presentations

Presentation on theme: "On-Chip Control Flow Integrity Check for Real Time Embedded Systems Fardin Abdi Taghi Abad, Joel Van Der Woude, Yi Lu, Stanley Bak, Marco Caccamo, Lui."— Presentation transcript:

1 On-Chip Control Flow Integrity Check for Real Time Embedded Systems Fardin Abdi Taghi Abad, Joel Van Der Woude, Yi Lu, Stanley Bak, Marco Caccamo, Lui Sha, Renato Mancuso, Sibin Mohan 1

2 Rethinking Embedded System Security Traditional Embedded Systems Physically isolated environment Limited capability Use of specialized protocols Modern Embedded Systems More networked Increased capability Open, standard platform Sensitive/privacy information More vulnerable to security attacks Smart Grid Smart Car Smart Appliances Smart Phones 2

3 Challenges in Embedded System Security Limited Resources - Computational power, energy, cost Timing Requirement - Safety, reliability, quality of service System Upgrade - Verifiability they either require components that do not necessary exist in simple embedded system (such as trusted operating system or memory management units) Components the overheads imposed by them is not predictable enough for providing guarantees that are necessary for such systems. Predictable Overhead 3 Limitations in Existing Approaches

4 Our Solution 1.Extract the control Flow graph from executable 4 Time 2.Store the control flow graph on dedicated hardware 3.Check the run- time control flow with a dedicated hardware unit

5 Why It Works At inspection time, the dedicated core validates the execution flow. 5 Block x Block y Block z Malicious Code Block Time If malicious code gets executed, the control flow graph mutates...and detection is performed

6 Attacks 6 Overwrite the return address Overwrite a control variable Buffer Overflow Direct execution towards a libc function Return-into-libc Overwrite a function return address to chain the execution of small preexisting code fragments to produce arbitrary program behavior Return-oriented- programming Icode into a process with high privileges from a low-privileged one. Code injection

7 Architecture 7 Monitoring Module On-Chip Control Flow Monitoring Module (OCFMM) Block Info Program Counter Instruction Register Processor Isolated OCFMM Memory Block ID

8 Control Flow Example 8 main : instr_1 instr_2 lbl_2: instr_3 JEQ lbl_1 instr_4 instr_5 instr_6 JMP lbl_2 lbl_1: instr_7 instr_8 CALL func_1 instr_9 JMP lbl_2 func_1 :instr_f1 instr_f2 RET 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 block D block C block B block A block E n = 4 pc = instr_1 n = 4 pc = instr_1 A n = 4 pc = instr_4 n = 4 pc = instr_4 B n = 3 pc = instr_7 n = 3 pc = instr_7 C n = 2 pc = instr_9 n = 2 pc = instr_9 D n = 3 pc = instr_f1 n = 3 pc = instr_f1 E Yes No Yes/No For each block, we store: 1.Block ID 2.Address of first instruction 3.Number of instructions 4.Yes-Block 5.No-Block

9 Inspection Suppose that the execution is in block A 9 n = 4 pc = instr_1 n = 4 pc = instr_1 A 1. Check that PC is between instr_1 + n n = 4 pc = instr_4 n = 4 pc = instr_4 B n = 3 pc = instr_7 n = 3 pc = instr_7 C Yes No 2. If not, fetch Yes/No Blocks C & B from OCFMM memory 3. If execution is not at instr_7 nor at instr_4, raise detection flag

10 Predictable Overhead Overhead is paid in short blocks where integrity check is longer than block execution time. 10

11 Experiments Code replacement attack – one of the jump destinations is different from the expected address resulting Return address overwriting in stack – jump to a different return address 11

12 Limitations Unable to detect attacks that do not alter the CFG – Still attacking the platform is significantly harder 12 Need for ad-hoc platform – The proposed approach is hardware-based. Custom hardware needed

13 Effective and Applicable to Embedded Real-Time Systems Finite and predictable overhead Software updates in embedded/RT systems are relatively rare Hardware isolation provides guaranteed protection

14 Implementation Replacing on-chip SRAM unit of OCFMM with an external one CFG profile caching mechanism Measurements Extensive measurements on logic overhead Measurements on performance overhead with and without block information caching mechanism Expansion Distinguish between multiple tasks and monitor the control flow of each Securing the whole system by detecting and securing some critical components Future Plan 14

15 Question? 15 Thank You

Download ppt "On-Chip Control Flow Integrity Check for Real Time Embedded Systems Fardin Abdi Taghi Abad, Joel Van Der Woude, Yi Lu, Stanley Bak, Marco Caccamo, Lui."

Similar presentations

Architectural Support for Software-Based Protection Mihai Budiu Úlfar Erlingsson Martín Abadi ASID Workshop, Oct 21, 2006 Silicon Valley.

Architectural Support for Software-Based Protection Mihai Budiu Úlfar Erlingsson Martín Abadi ASID Workshop, Oct 21, 2006 Silicon Valley.
ROP is Still Dangerous: Breaking Modern Defenses Nicholas Carlini et. al University of California, Berkeley USENIX Security 2014 Presenter: Yue Li Part.

ROP is Still Dangerous: Breaking Modern Defenses Nicholas Carlini et. al University of California, Berkeley USENIX Security 2014 Presenter: Yue Li Part.
Using Instruction Block Signatures to Counter Code Injection Attacks Milena Milenković, Aleksandar Milenković, Emil Jovanov The University of Alabama in.

Using Instruction Block Signatures to Counter Code Injection Attacks Milena Milenković, Aleksandar Milenković, Emil Jovanov The University of Alabama in.
Integrity & Malware Dan Fleck CS469 Security Engineering Some of the slides are modified with permission from Quan Jia. Coming up: Integrity – Who Cares?

Integrity & Malware Dan Fleck CS469 Security Engineering Some of the slides are modified with permission from Quan Jia. Coming up: Integrity – Who Cares?
Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.

Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.
Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.

Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.
Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.

Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.
Computer Science HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity Ahmed M. Azab, Peng Ning, Zhi Wang, Xuxian Jiang North Carolina.

Computer Science HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity Ahmed M. Azab, Peng Ning, Zhi Wang, Xuxian Jiang North Carolina.
1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.

1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.
Architecture Support for Security Peter Chapman Michael Maass.

Architecture Support for Security Peter Chapman Michael Maass.
Introduction to Operating Systems CS-2301 B-term 20081 Introduction to Operating Systems CS-2301, System Programming for Non-majors (Slides include materials.

Introduction to Operating Systems CS-2301 B-term Introduction to Operating Systems CS-2301, System Programming for Non-majors (Slides include materials.
Chapter 1 Computer System Overview Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 1 Computer System Overview Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
CS 153 Design of Operating Systems Spring 2015

CS 153 Design of Operating Systems Spring 2015
Security Protection and Checking in Embedded System Integration Against Buffer Overflow Attacks Zili Shao, Chun Xue, Qingfeng Zhuge, Edwin H.-M. Sha International.

Security Protection and Checking in Embedded System Integration Against Buffer Overflow Attacks Zili Shao, Chun Xue, Qingfeng Zhuge, Edwin H.-M. Sha International.
An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.

An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.
Computer System Overview

Computer System Overview
Computer System Overview

Computer System Overview
Basic Input/Output Operations

Basic Input/Output Operations
Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.

Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.
CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.

Similar presentations

Ads by Google