
Silhouette: Efficient Intra-Address Space Isolation for Protected Shadow Stacks on Embedded Systems

by Jie Zhou, et al.

Embedded systems are increasingly deployed in devices that can have physical consequences if compromised by an attacker - including automobile control systems, smart locks, drones, and implantable medical devices. Due to resource and execution-time constraints, C is the primary programming language for writing both operating systems and bare-metal applications on these devices. Unfortunately, C is neither memory safe nor type safe. In this paper, we present an efficient intra-address space isolation technique for embedded ARM processors that leverages unprivileged store instructions. Using a compiler transformation, dubbed store promotion, which transforms regular stores into unprivileged equivalents, we can restrict a subset of the program's memory accesses to unprivileged memory while simultaneously allowing security instrumentation to access security-critical data structures (e.g., a shadow stack) - all without the need for expensive context switching. Using store promotion, we built Silhouette: a software defense that mitigates control-flow hijacking attacks using a combination of hardware configuration, runtime instrumentation, and code transformation. Silhouette enforces Control-Flow Integrity and provides an incorruptible shadow stack for return addresses. We implemented Silhouette on an ARMv7-M board and our evaluation shows that Silhouette incurs an arithmetic mean of 9.23 and 16.93 alternative implementation of Silhouette, which incurs just 2.54 overhead and 5.40
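To make the store-promotion argument concrete, here is an added Python model (not code from the paper or the Silhouette project). It assumes a constructed memory map with a privileged-only shadow-stack region, an MPU check that denies unprivileged stores to that region, and a pass that rewrites ordinary program stores into unprivileged ones while leaving shadow-stack instrumentation privileged.

```python
from dataclasses import dataclass

# Constructed memory map: the shadow stack lives in a region the MPU marks
# privileged-only; ordinary program data lives in an unprivileged region.
SHADOW_BASE, SHADOW_END = 0x1000, 0x1100
DATA_BASE, DATA_END = 0x2000, 0x3000

class MemFault(Exception):
    """Raised when the modelled MPU denies an unprivileged access."""

@dataclass
class Store:
    addr: int
    value: int
    unprivileged: bool = False     # True models ARMv7-M STRT instead of STR
    instrumentation: bool = False  # emitted by the shadow-stack pass, not the program

def store_promotion(program):
    """The compiler pass: every program store becomes an unprivileged store;
    shadow-stack instrumentation keeps its ordinary (privileged) stores."""
    return [Store(s.addr, s.value, unprivileged=not s.instrumentation,
                  instrumentation=s.instrumentation) for s in program]

def execute(program):
    """Run stores against the MPU model. Everything executes in privileged mode,
    so no context switch is needed, yet unprivileged stores cannot reach the shadow stack."""
    mem = {}
    for s in program:
        in_shadow = SHADOW_BASE <= s.addr < SHADOW_END
        if s.unprivileged and in_shadow:
            raise MemFault(f"unprivileged store to {s.addr:#x} denied by MPU")
        mem[s.addr] = s.value
    return mem

def shadow_slot_after(program, slot=SHADOW_BASE):
    """Saved return address left in the shadow stack after running `program`,
    or None if the MPU faulted the program before it finished."""
    try:
        return execute(program).get(slot)
    except MemFault:
        return None

# Constructed scenario: the prologue saves return address 0x8000 to the shadow
# stack, then a buggy program store with a corrupted address lands on that slot.
RET_ADDR, BOGUS = 0x8000, 0xDEAD
PROGRAM = [
    Store(SHADOW_BASE, RET_ADDR, instrumentation=True),  # shadow-stack push
    Store(DATA_BASE, 42),                                 # normal program store
    Store(SHADOW_BASE, BOGUS),                            # out-of-bounds program store
]

if __name__ == "__main__":
    print("unhardened:", hex(shadow_slot_after(PROGRAM)))            # 0xdead
    print("promoted:", shadow_slot_after(store_promotion(PROGRAM)))  # None (faulted)
```

Without promotion the stray store silently overwrites the saved return address; after promotion the same store is an unprivileged access to privileged memory and the MPU faults it, while the instrumentation's own push still succeeds.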


Restricting Control Flow During Speculative Execution with Venkman

Side-channel attacks such as Spectre that utilize speculative execution ...

InversOS: Efficient Control-Flow Protection for AArch64 Applications with Privilege Inversion

With the increasing popularity of AArch64 processors in general-purpose ...

Pointing in the Right Direction - Securing Memory Accesses in a Faulty World

Reading and writing memory are, besides computation, the most common ope...

Proconda – Protected Control Data

Memory corruption vulnerabilities often enable attackers to take control...

RegGuard: Leveraging CPU Registers for Mitigation of Control- and Data-Oriented Attacks

CPU registers are small discrete storage units, used to hold temporary d...

ret2spec: Speculative Execution Using Return Stack Buffers

Speculative execution is an optimization technique that has been part of...

PAIRS: Control Flow Protection using Phantom Addressed Instructions

Code-reuse attacks continue to pose a significant threat to systems secu...