HardScope: Hardening Embedded Systems Against Data-Oriented Attacks

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Researchers

Research units

  • Technische Universität Darmstadt

Abstract

Memory-unsafe programming languages like C and C++ leave many (embedded) systems vulnerable to attacks like control-flow hijacking. However, defenses against control-flow attacks, such as (fine-grained) randomization or control-flow integrity are in-effective against data-oriented attacks and more expressive Data-oriented Programming (DOP) attacks that bypass state-of-the-art defenses.

We propose run-time scope enforcement (RSE), a novel approach that efficiently mitigates all currently known DOP attacks by enforcing compile-time memory safety constraints like variable visibility rules at run-time. We present Hardscope, a proof-of-concept implementation of hardware-assisted RSE for RISC-V, and show it has a low performance overhead of 3.2% for embedded benchmarks.

Details

Original languageEnglish
Title of host publicationProceedings of the 56th Annual Design Automation Conference 2019, DAC 2019
Publication statusPublished - 2 Jun 2019
MoE publication typeA4 Article in a conference publication
EventDesign Automation Conference - Las Vegas, United States
Duration: 2 Jun 20196 Jun 2019
Conference number: 56

Publication series

NameProceedings - Design Automation Conference
PublisherACM/IEEE
ISSN (Electronic)0738-100X

Conference

ConferenceDesign Automation Conference
CountryUnited States
CityLas Vegas
Period02/06/201906/06/2019

Download statistics

No data available

ID: 32098023