CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers

Thomas Nyman; Jan-Erik Ekberg; Lucas Davi; N Asokan

doi:10.1007/978-3-319-66332-6_12

CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers

Thomas Nyman, Jan-Erik Ekberg, Lucas Davi, N Asokan

Tietotekniikan laitos

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference article in proceedings › Scientific › vertaisarvioitu

48 Sitaatiot (Scopus)

Abstrakti

With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices. Control-flow integrity (CFI) is a promising and generic defense technique against these attacks. However, given the nature of IoT deployments, existing protection mechanisms for traditional computing environments (including CFI) need to be adapted to the IoT setting. In this paper, we describe the challenges of enabling CFI on microcontroller (MCU) based IoT devices. We then present CaRE, the first interrupt-aware CFI scheme for low-end MCUs. CaRE uses a novel way of protecting the CFI metadata by leveraging TrustZone-M security extensions introduced in the ARMv8-M architecture. Its binary instrumentation approach preserves the memory layout of the target MCU software, allowing pre-built bare-metal binary code to be protected by CaRE. We describe our implementation on a Cortex-M Prototyping System and demonstrate that CaRE is secure while imposing acceptable performance and memory impact.

Alkuperäiskieli	Englanti
Otsikko	Research in Attacks, Intrusions, and Defenses
Alaotsikko	20th International Symposium, RAID 2017, Atlanta, GA, USA, September 18–20, 2017, Proceedings
Toimittajat	Marc Dacier, Michael Bailey, Michalis Polychronakis, Manos Antonakakis
Kustantaja	Springer
Sivut	259-284
Sivumäärä	25
ISBN (elektroninen)	978-3-319-66332-6
ISBN (painettu)	978-3-319-66331-9
DOI - pysyväislinkit	https://doi.org/10.1007/978-3-319-66332-6_12
Tila	Julkaistu - 18 syysk. 2017
OKM-julkaisutyyppi	A4 Artikkeli konferenssijulkaisussa
Tapahtuma	International Symposium on Research in Attacks, Intrusions, and Defenses - Georgia Tech Hotel and Conference Center, Atlanta, Yhdysvallat Kesto: 18 syysk. 2017 → 20 syysk. 2017 Konferenssinumero: 20 https://www.raid2017.org/

Julkaisusarja

Nimi	Lecture Notes in Computer Science
Kustantaja	Springer
Vuosikerta	10453
ISSN (painettu)	0302-9743
ISSN (elektroninen)	1611-3349

Conference

Conference	International Symposium on Research in Attacks, Intrusions, and Defenses
Lyhennettä	RAID
Maa/Alue	Yhdysvallat
Kaupunki	Atlanta
Ajanjakso	18/09/2017 → 20/09/2017
www-osoite	https://www.raid2017.org/

Pääsy asiakirjaan

10.1007/978-3-319-66332-6_12

Muut tiedostot ja linkit

Link to publication in Scopus

Siteeraa tätä

Nyman, T., Ekberg, J.-E., Davi, L., & Asokan, N. (2017). CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers. teoksessa M. Dacier, M. Bailey, M. Polychronakis, & M. Antonakakis (Toimittajat), Research in Attacks, Intrusions, and Defenses: 20th International Symposium, RAID 2017, Atlanta, GA, USA, September 18–20, 2017, Proceedings (Sivut 259-284). ( Lecture Notes in Computer Science; Vuosikerta 10453). Springer. https://doi.org/10.1007/978-3-319-66332-6_12

Nyman, Thomas ; Ekberg, Jan-Erik ; Davi, Lucas et al. / CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers. Research in Attacks, Intrusions, and Defenses: 20th International Symposium, RAID 2017, Atlanta, GA, USA, September 18–20, 2017, Proceedings. Toimittaja / Marc Dacier ; Michael Bailey ; Michalis Polychronakis ; Manos Antonakakis. Springer, 2017. Sivut 259-284 ( Lecture Notes in Computer Science).

@inproceedings{0d7f76f6181c49ac8b79375d805d295f,

title = "CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers",

abstract = "With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices. Control-flow integrity (CFI) is a promising and generic defense technique against these attacks. However, given the nature of IoT deployments, existing protection mechanisms for traditional computing environments (including CFI) need to be adapted to the IoT setting. In this paper, we describe the challenges of enabling CFI on microcontroller (MCU) based IoT devices. We then present CaRE, the first interrupt-aware CFI scheme for low-end MCUs. CaRE uses a novel way of protecting the CFI metadata by leveraging TrustZone-M security extensions introduced in the ARMv8-M architecture. Its binary instrumentation approach preserves the memory layout of the target MCU software, allowing pre-built bare-metal binary code to be protected by CaRE. We describe our implementation on a Cortex-M Prototyping System and demonstrate that CaRE is secure while imposing acceptable performance and memory impact. ",

author = "Thomas Nyman and Jan-Erik Ekberg and Lucas Davi and N Asokan",

year = "2017",

month = sep,

day = "18",

doi = "10.1007/978-3-319-66332-6\_12",

language = "English",

isbn = "978-3-319-66331-9",

series = " Lecture Notes in Computer Science",

publisher = "Springer",

pages = "259--284",

editor = "Marc Dacier and Michael Bailey and Michalis Polychronakis and Manos Antonakakis",

booktitle = "Research in Attacks, Intrusions, and Defenses",

address = "Germany",

note = "International Symposium on Research in Attacks, Intrusions, and Defenses, RAID ; Conference date: 18-09-2017 Through 20-09-2017",

url = "https://www.raid2017.org/",

}

Nyman, T, Ekberg, J-E, Davi, L & Asokan, N 2017, CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers. julkaisussa M Dacier, M Bailey, M Polychronakis & M Antonakakis (toim), Research in Attacks, Intrusions, and Defenses: 20th International Symposium, RAID 2017, Atlanta, GA, USA, September 18–20, 2017, Proceedings. Lecture Notes in Computer Science, Vuosikerta 10453, Springer, Sivut 259-284, International Symposium on Research in Attacks, Intrusions, and Defenses, Atlanta, Georgia, Yhdysvallat, 18/09/2017. https://doi.org/10.1007/978-3-319-66332-6_12

CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers. / Nyman, Thomas; Ekberg, Jan-Erik; Davi, Lucas et al.
Research in Attacks, Intrusions, and Defenses: 20th International Symposium, RAID 2017, Atlanta, GA, USA, September 18–20, 2017, Proceedings. toim. / Marc Dacier; Michael Bailey; Michalis Polychronakis; Manos Antonakakis. Springer, 2017. s. 259-284 ( Lecture Notes in Computer Science; Vuosikerta 10453).

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference article in proceedings › Scientific › vertaisarvioitu

TY - GEN

T1 - CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers

AU - Nyman, Thomas

AU - Ekberg, Jan-Erik

AU - Davi, Lucas

AU - Asokan, N

N1 - Conference code: 20

PY - 2017/9/18

Y1 - 2017/9/18

N2 - With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices. Control-flow integrity (CFI) is a promising and generic defense technique against these attacks. However, given the nature of IoT deployments, existing protection mechanisms for traditional computing environments (including CFI) need to be adapted to the IoT setting. In this paper, we describe the challenges of enabling CFI on microcontroller (MCU) based IoT devices. We then present CaRE, the first interrupt-aware CFI scheme for low-end MCUs. CaRE uses a novel way of protecting the CFI metadata by leveraging TrustZone-M security extensions introduced in the ARMv8-M architecture. Its binary instrumentation approach preserves the memory layout of the target MCU software, allowing pre-built bare-metal binary code to be protected by CaRE. We describe our implementation on a Cortex-M Prototyping System and demonstrate that CaRE is secure while imposing acceptable performance and memory impact.

AB - With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices. Control-flow integrity (CFI) is a promising and generic defense technique against these attacks. However, given the nature of IoT deployments, existing protection mechanisms for traditional computing environments (including CFI) need to be adapted to the IoT setting. In this paper, we describe the challenges of enabling CFI on microcontroller (MCU) based IoT devices. We then present CaRE, the first interrupt-aware CFI scheme for low-end MCUs. CaRE uses a novel way of protecting the CFI metadata by leveraging TrustZone-M security extensions introduced in the ARMv8-M architecture. Its binary instrumentation approach preserves the memory layout of the target MCU software, allowing pre-built bare-metal binary code to be protected by CaRE. We describe our implementation on a Cortex-M Prototyping System and demonstrate that CaRE is secure while imposing acceptable performance and memory impact.

UR - https://www.scopus.com/pages/publications/85032877771

U2 - 10.1007/978-3-319-66332-6_12

DO - 10.1007/978-3-319-66332-6_12

M3 - Conference article in proceedings

SN - 978-3-319-66331-9

T3 - Lecture Notes in Computer Science

SP - 259

EP - 284

BT - Research in Attacks, Intrusions, and Defenses

A2 - Dacier, Marc

A2 - Bailey, Michael

A2 - Polychronakis, Michalis

A2 - Antonakakis, Manos

PB - Springer

T2 - International Symposium on Research in Attacks, Intrusions, and Defenses

Y2 - 18 September 2017 through 20 September 2017

ER -

Nyman T, Ekberg JE, Davi L, Asokan N. CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers. julkaisussa Dacier M, Bailey M, Polychronakis M, Antonakakis M, toimittajat, Research in Attacks, Intrusions, and Defenses: 20th International Symposium, RAID 2017, Atlanta, GA, USA, September 18–20, 2017, Proceedings. Springer. 2017. s. 259-284. ( Lecture Notes in Computer Science). doi: 10.1007/978-3-319-66332-6_12

CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers

Abstrakti

Julkaisusarja

Conference

Pääsy asiakirjaan

Muut tiedostot ja linkit

Sormenjälki

Siteeraa tätä