μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems

Ali  Abbasi; Jos Wetzels; Wouter Bokslag; Emmanuele Zambon; Sandro  Etalle

doi:10.1007/978-3-319-64701-2_55

μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems

Ali Abbasi
, Jos Wetzels
, Wouter Bokslag
, Emmanuele Zambon
, Sandro Etalle

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

5 Citations (Scopus)

9 Downloads (Pure)

Abstract

Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present μShield, a memory corruption exploitation mitigation system for embedded COTS binaries with configurable protection policies that do not rely on any hardware-specific feature. Our evaluation shows that μShield provides its protection with a limited performance overhead.

Original language	English
Title of host publication	Network and System Security
Subtitle of host publication	11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings
Editors	Zheng Yan, Refik Molva, Wojciech Mazurczyk, Raimo Kantola
Publisher	Springer
Pages	694-709
Number of pages	15
ISBN (Electronic)	978-3-319-64701-2
ISBN (Print)	978-3-319-64700-5
DOIs	https://doi.org/10.1007/978-3-319-64701-2_55
Publication status	Published - 21 Aug 2017
Event	11th International Conference on Network and System Security, NSS 2017 - Helsinki, Finland Duration: 21 Aug 2017 → 23 Aug 2017 Conference number: 11 https://research.comnet.aalto.fi/NSS2017/

Publication series

Name	Lecture Notes in Computer Science
Volume	10394

Conference

Conference	11th International Conference on Network and System Security, NSS 2017
Abbreviated title	NSS
Country/Territory	Finland
City	Helsinki
Period	21/08/17 → 23/08/17
Internet address	https://research.comnet.aalto.fi/NSS2017/

Keywords

Embedded
Code Reuse
Heuristics
ARM
Exploit
ROP

Access to Document

10.1007/978-3-319-64701-2_55

Cite this

Abbasi, A., Wetzels, J., Bokslag, W., Zambon, E., & Etalle, S. (2017). μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems. In Z. Yan, R. Molva, W. Mazurczyk, & R. Kantola (Eds.), Network and System Security: 11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings (pp. 694-709). ( Lecture Notes in Computer Science; Vol. 10394). Springer. https://doi.org/10.1007/978-3-319-64701-2_55

Abbasi, Ali ; Wetzels, Jos ; Bokslag, Wouter et al. / μShield : Configurable Code-Reuse Attacks Mitigation For Embedded Systems. Network and System Security: 11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings. editor / Zheng Yan ; Refik Molva ; Wojciech Mazurczyk ; Raimo Kantola. Springer, 2017. pp. 694-709 ( Lecture Notes in Computer Science).

@inproceedings{379724f5e73e46d395d16ae119aa808d,

title = "μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems",

abstract = "Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present μShield, a memory corruption exploitation mitigation system for embedded COTS binaries with configurable protection policies that do not rely on any hardware-specific feature. Our evaluation shows that μShield provides its protection with a limited performance overhead.",

keywords = "Embedded, Code Reuse, Heuristics, ARM, Exploit, ROP",

author = "Ali Abbasi and Jos Wetzels and Wouter Bokslag and Emmanuele Zambon and Sandro Etalle",

year = "2017",

month = aug,

day = "21",

doi = "10.1007/978-3-319-64701-2\_55",

language = "English",

isbn = "978-3-319-64700-5",

series = " Lecture Notes in Computer Science",

publisher = "Springer",

pages = "694--709",

editor = "Zheng Yan and Molva, \{Refik \} and Wojciech Mazurczyk and Raimo Kantola",

booktitle = "Network and System Security",

address = "Germany",

note = "11th International Conference on Network and System Security, NSS 2017, NSS ; Conference date: 21-08-2017 Through 23-08-2017",

url = "https://research.comnet.aalto.fi/NSS2017/",

}

Abbasi, A, Wetzels, J, Bokslag, W, Zambon, E & Etalle, S 2017, μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems. in Z Yan, R Molva, W Mazurczyk & R Kantola (eds), Network and System Security: 11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings. Lecture Notes in Computer Science, vol. 10394, Springer, pp. 694-709, 11th International Conference on Network and System Security, NSS 2017, Helsinki, Finland, 21/08/17. https://doi.org/10.1007/978-3-319-64701-2_55

μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems. / Abbasi, Ali ; Wetzels, Jos; Bokslag, Wouter et al.
Network and System Security: 11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings. ed. / Zheng Yan; Refik Molva; Wojciech Mazurczyk; Raimo Kantola. Springer, 2017. p. 694-709 ( Lecture Notes in Computer Science; Vol. 10394).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - μShield

T2 - 11th International Conference on Network and System Security, NSS 2017

AU - Abbasi, Ali

AU - Wetzels, Jos

AU - Bokslag, Wouter

AU - Zambon, Emmanuele

AU - Etalle, Sandro

N1 - Conference code: 11

PY - 2017/8/21

Y1 - 2017/8/21

N2 - Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present μShield, a memory corruption exploitation mitigation system for embedded COTS binaries with configurable protection policies that do not rely on any hardware-specific feature. Our evaluation shows that μShield provides its protection with a limited performance overhead.

AB - Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present μShield, a memory corruption exploitation mitigation system for embedded COTS binaries with configurable protection policies that do not rely on any hardware-specific feature. Our evaluation shows that μShield provides its protection with a limited performance overhead.

KW - Embedded

KW - Code Reuse

KW - Heuristics

KW - ARM

KW - Exploit

KW - ROP

U2 - 10.1007/978-3-319-64701-2_55

DO - 10.1007/978-3-319-64701-2_55

M3 - Conference contribution

SN - 978-3-319-64700-5

T3 - Lecture Notes in Computer Science

SP - 694

EP - 709

BT - Network and System Security

A2 - Yan, Zheng

A2 - Molva, Refik

A2 - Mazurczyk, Wojciech

A2 - Kantola, Raimo

PB - Springer

Y2 - 21 August 2017 through 23 August 2017

ER -

Abbasi A, Wetzels J, Bokslag W, Zambon E, Etalle S. μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems. In Yan Z, Molva R, Mazurczyk W, Kantola R, editors, Network and System Security: 11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings. Springer. 2017. p. 694-709. ( Lecture Notes in Computer Science). doi: 10.1007/978-3-319-64701-2_55

μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this