Abstract
Memory-unsafe programming languages like C and C++ leave many (embedded) systems vulnerable to attacks like control-flow hijacking. However, defenses against control-flow attacks, such as (fine-grained) randomization or control-flow integrity are in-effective against data-oriented attacks and more expressive Data-oriented Programming (DOP) attacks that bypass state-of-the-art defenses.
We propose run-time scope enforcement (RSE), a novel approach that efficiently mitigates all currently known DOP attacks by enforcing compile-time memory safety constraints like variable visibility rules at run-time. We present Hardscope, a proof-of-concept implementation of hardware-assisted RSE for RISC-V, and show it has a low performance overhead of 3.2% for embedded benchmarks.
We propose run-time scope enforcement (RSE), a novel approach that efficiently mitigates all currently known DOP attacks by enforcing compile-time memory safety constraints like variable visibility rules at run-time. We present Hardscope, a proof-of-concept implementation of hardware-assisted RSE for RISC-V, and show it has a low performance overhead of 3.2% for embedded benchmarks.
Original language | English |
---|---|
Title of host publication | Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019 |
Publisher | ACM |
Number of pages | 6 |
ISBN (Electronic) | 978-1-4503-6725-7 |
ISBN (Print) | 978-1-7281-2426-1 |
DOIs | |
Publication status | Published - 2 Jun 2019 |
MoE publication type | A4 Conference publication |
Event | Design Automation Conference - Las Vegas, United States Duration: 2 Jun 2019 → 6 Jun 2019 Conference number: 56 |
Publication series
Name | Proceedings - Design Automation Conference |
---|---|
Publisher | ACM |
ISSN (Electronic) | 0738-100X |
Conference
Conference | Design Automation Conference |
---|---|
Country/Territory | United States |
City | Las Vegas |
Period | 02/06/2019 → 06/06/2019 |