μShield: configurable code-reuse attacks mitigation for embedded systems

A. Abbasi; A.L.G.M. Wetzels; W. Bokslag; E. Zambon; S. Etalle

doi:10.1007/978-3-319-64701-2_55

μShield: configurable code-reuse attacks mitigation for embedded systems

A. Abbasi, A.L.G.M. Wetzels, W. Bokslag, E. Zambon, S. Etalle

Research output: Chapter in Book/Report/Conference proceeding › Chapter › Academic › peer-review

4 Citations (Scopus)

1 Downloads (Pure)

Abstract

Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present µShield, a memory corruption exploitation mitigation system for embedded COTS binaries with configurable protection policies that do not rely on any hardware-specific feature. Our evaluation shows that µShield provides its protection with a limited performance overhead.

Original language	English
Title of host publication	Network and System Security - 11th International Conference, NSS 2017, Proceedings
Editors	Zheng Yan, Refik Molva, Wojciech Mazurczyk, Raimo Kantola
Place of Publication	Dordrecht
Publisher	Springer
Pages	694-709
Number of pages	16
ISBN (Electronic)	978-3-319-64701-2
ISBN (Print)	978-3-319-64700-5
DOIs	https://doi.org/10.1007/978-3-319-64701-2_55
Publication status	Published - 1 Jan 2017
Event	11th International Conference on Network and System Security (NSS 2017), 21-23 August 2017, Helsinki, Finland - Helsinki, Finland Duration: 21 Aug 2017 → 23 Aug 2017 https://research.comnet.aalto.fi/NSS2017/

Publication series

Name	Lecture Notes in Computer Science (LNCS)
Publisher	Springer
Volume	10394
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	11th International Conference on Network and System Security (NSS 2017), 21-23 August 2017, Helsinki, Finland
Abbreviated title	NSS 2017
Country/Territory	Finland
City	Helsinki
Period	21/08/17 → 23/08/17
Internet address	https://research.comnet.aalto.fi/NSS2017/

Keywords

ARM
Code reuse
Embedded
Heuristics

Access to Document

10.1007/978-3-319-64701-2_55

Cite this

Abbasi, A., Wetzels, A. L. G. M., Bokslag, W., Zambon, E., & Etalle, S. (2017). μShield: configurable code-reuse attacks mitigation for embedded systems. In Z. Yan, R. Molva, W. Mazurczyk, & R. Kantola (Eds.), Network and System Security - 11th International Conference, NSS 2017, Proceedings (pp. 694-709). (Lecture Notes in Computer Science (LNCS); Vol. 10394). Springer. https://doi.org/10.1007/978-3-319-64701-2_55

@inbook{8254aafd7eab4c7abfe43c0bca5f65f6,

title = "μShield: configurable code-reuse attacks mitigation for embedded systems",

abstract = "Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present µShield, a memory corruption exploitation mitigation system for embedded COTS binaries with configurable protection policies that do not rely on any hardware-specific feature. Our evaluation shows that µShield provides its protection with a limited performance overhead.",

keywords = "ARM, Code reuse, Embedded, Heuristics",

author = "A. Abbasi and A.L.G.M. Wetzels and W. Bokslag and E. Zambon and S. Etalle",

year = "2017",

month = jan,

day = "1",

doi = "10.1007/978-3-319-64701-2_55",

language = "English",

isbn = "978-3-319-64700-5",

series = "Lecture Notes in Computer Science (LNCS)",

publisher = "Springer",

pages = "694--709",

editor = "Zheng Yan and Refik Molva and Wojciech Mazurczyk and Raimo Kantola",

booktitle = "Network and System Security - 11th International Conference, NSS 2017, Proceedings",

address = "Germany",

note = "11th International Conference on Network and System Security (NSS 2017), 21-23 August 2017, Helsinki, Finland, NSS 2017 ; Conference date: 21-08-2017 Through 23-08-2017",

url = "https://research.comnet.aalto.fi/NSS2017/",

}

Abbasi, A, Wetzels, ALGM, Bokslag, W, Zambon, E & Etalle, S 2017, μShield: configurable code-reuse attacks mitigation for embedded systems. in Z Yan, R Molva, W Mazurczyk & R Kantola (eds), Network and System Security - 11th International Conference, NSS 2017, Proceedings. Lecture Notes in Computer Science (LNCS), vol. 10394, Springer, Dordrecht, pp. 694-709, 11th International Conference on Network and System Security (NSS 2017), 21-23 August 2017, Helsinki, Finland, Helsinki, Finland, 21/08/17. https://doi.org/10.1007/978-3-319-64701-2_55

μShield: configurable code-reuse attacks mitigation for embedded systems. / Abbasi, A.; Wetzels, A.L.G.M.; Bokslag, W. et al.
Network and System Security - 11th International Conference, NSS 2017, Proceedings. ed. / Zheng Yan; Refik Molva; Wojciech Mazurczyk; Raimo Kantola. Dordrecht: Springer, 2017. p. 694-709 (Lecture Notes in Computer Science (LNCS); Vol. 10394).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › Academic › peer-review

TY - CHAP

T1 - μShield

T2 - 11th International Conference on Network and System Security (NSS 2017), 21-23 August 2017, Helsinki, Finland

AU - Abbasi, A.

AU - Wetzels, A.L.G.M.

AU - Bokslag, W.

AU - Zambon, E.

AU - Etalle, S.

PY - 2017/1/1

Y1 - 2017/1/1

N2 - Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present µShield, a memory corruption exploitation mitigation system for embedded COTS binaries with configurable protection policies that do not rely on any hardware-specific feature. Our evaluation shows that µShield provides its protection with a limited performance overhead.

AB - Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present µShield, a memory corruption exploitation mitigation system for embedded COTS binaries with configurable protection policies that do not rely on any hardware-specific feature. Our evaluation shows that µShield provides its protection with a limited performance overhead.

KW - ARM

KW - Code reuse

KW - Embedded

KW - Heuristics

UR - http://www.scopus.com/inward/record.url?scp=85028467421&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-64701-2_55

DO - 10.1007/978-3-319-64701-2_55

M3 - Chapter

SN - 978-3-319-64700-5

T3 - Lecture Notes in Computer Science (LNCS)

SP - 694

EP - 709

BT - Network and System Security - 11th International Conference, NSS 2017, Proceedings

A2 - Yan, Zheng

A2 - Molva, Refik

A2 - Mazurczyk, Wojciech

A2 - Kantola, Raimo

PB - Springer

CY - Dordrecht

Y2 - 21 August 2017 through 23 August 2017

ER -

Abbasi A, Wetzels ALGM, Bokslag W, Zambon E , Etalle S. μShield: configurable code-reuse attacks mitigation for embedded systems. In Yan Z, Molva R, Mazurczyk W, Kantola R, editors, Network and System Security - 11th International Conference, NSS 2017, Proceedings. Dordrecht: Springer. 2017. p. 694-709. (Lecture Notes in Computer Science (LNCS)). doi: 10.1007/978-3-319-64701-2_55

μShield: configurable code-reuse attacks mitigation for embedded systems

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Stockholm International Summit on Cyber Security in SCADA and Industrial Control Systems

Cite this

μShield: configurable code-reuse attacks mitigation for embedded systems

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Activities

Stockholm International Summit on Cyber Security in SCADA and Industrial Control Systems

Cite this