MicroGuard: Securing Bare-Metal Microcontrollers against Code-Reuse Attacks

IRIS

Bare-metal microcontrollers are a family of Internet of Things (IoT) devices which are increasingly deployed in critical industrial environments. Similar to other IoT devices, bare-metal microcontrollers are vulnerable to memory corruption and code-reuse attacks. We propose MicroGuard, a novel mitigation method based on component-level sandboxing and automated code randomization to securely encapsulate application components in isolated environments. We implemented MicroGuard and evaluated its efficacy and efficiency with a real-world benchmark against different types of attacks. As our evaluation shows, MicroGuard provides better security than ACES, current state-of-the-art protection framework for bare-metal microcontrollers, with a comparable performance overhead.

MicroGuard: Securing Bare-Metal Microcontrollers against Code-Reuse Attacks / Salehi, M.; Hughes, D.; Crispo, B.. - (2019), pp. 1-8. (Intervento presentato al convegno 3rd IEEE Conference on Dependable and Secure Computing, DSC 2019 tenutosi a china nel 2019) [10.1109/DSC47296.2019.8937667].

MicroGuard: Securing Bare-Metal Microcontrollers against Code-Reuse Attacks

Salehi M.;Hughes D.;Crispo B.

2019-01-01

Abstract

Bare-metal microcontrollers are a family of Internet of Things (IoT) devices which are increasingly deployed in critical industrial environments. Similar to other IoT devices, bare-metal microcontrollers are vulnerable to memory corruption and code-reuse attacks. We propose MicroGuard, a novel mitigation method based on component-level sandboxing and automated code randomization to securely encapsulate application components in isolated environments. We implemented MicroGuard and evaluated its efficacy and efficiency with a real-world benchmark against different types of attacks. As our evaluation shows, MicroGuard provides better security than ACES, current state-of-the-art protection framework for bare-metal microcontrollers, with a comparable performance overhead.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
			2019
		
	Titolo del volume (Proceedings title)
	
			2019 IEEE Conference on Dependable and Secure Computing, DSC 2019 - Proceedings
		
	Luogo di edizione (Place of publication)
	
			Hangzhou
		
	Casa editrice (Publisher)
	
			Institute of Electrical and Electronics Engineers Inc.
		
	ISBN
	
			978-1-7281-2319-6
		
	Codice Scopus (Scopus Identifier)
	
			2-s2.0-85078038783
		
	Codice WOS (WOS identifier)
	
			WOS:000533371800005
		
	Tutti gli autori
	
			Salehi, M.; Hughes, D.; Crispo, B.
		
	Citazione
	
			MicroGuard: Securing Bare-Metal Microcontrollers against Code-Reuse Attacks / Salehi, M.; Hughes, D.; Crispo, B.. - (2019), pp. 1-8. (Intervento presentato al  convegno 3rd IEEE Conference on Dependable and Secure Computing, DSC 2019 tenutosi a china nel 2019) [10.1109/DSC47296.2019.8937667].
		
	Appare nelle tipologie:
	
			04.1 Saggio in atti di convegno (Paper in Proceedings)

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/288981

Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni

ND

11

8

social impact