DIALED: Data Integrity Attestation for Low-end Embedded Devices

03/24/2021
by   Ivan De Oliveira Nunes, et al.
0

Verifying integrity of software execution in low-end micro-controller units (MCUs) is a well-known open problem. The central challenge is how to securely detect software exploits with minimal overhead, since these MCUs are designed for low cost, low energy and small size. Some recent work yielded inexpensive hardware/software co-designs for remotely verifying code and execution integrity. In particular, a means of detecting unauthorized code modifications and control-flow attacks were proposed, referred to as Remote Attestation (RA) and Control-Flow Attestation (CFA), respectively. Despite this progress, detection of data-only attacks remains elusive. Such attacks exploit software vulnerabilities to corrupt intermediate computation results stored in data memory, changing neither the program code nor its control flow. Motivated by lack of any current techniques (for low-end MCUs) that detect these attacks, in this paper we propose, implement and evaluate DIALED, the first Data-Flow Attestation (DFA) technique applicable to the most resource-constrained embedded devices (e.g., TI MSP430). DIALED works in tandem with a companion CFA scheme to detect all (currently known) types of runtime software exploits at fairly low cost.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

04/30/2021

FIPAC: Thwarting Fault- and Software-Induced Control-Flow Attacks with ARM Pointer Authentication

With the improvements of computing technology, more and more application...
02/09/2018

OEI: Operation Execution Integrity for Embedded Devices

We formulate a new security property, called "Operation Execution Integr...
02/19/2021

Toward Taming the Overhead Monster for Data-Flow Integrity

Data-Flow Integrity (DFI) is a well-known approach to effectively detect...
10/22/2021

ReCFA: Resilient Control-Flow Attestation

Recent IoT applications gradually adapt more complicated end systems wit...
07/20/2018

SCARR: A Novel Scalable Runtime Remote Attestation

Runtime remote attestation is a technique that allows to validate the co...
03/07/2018

Co-processor-based Behavior Monitoring: Application to the Detection of Attacks Against the System Management Mode

Highly privileged software, such as firmware, is an attractive target fo...
10/24/2018

On the Effectiveness of Type-based Control Flow Integrity

Control flow integrity (CFI) has received significant attention in the c...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.