Sponge-Based Control-Flow Protection for IoT Devices

Authors

  • Mario Werner
  • Thomas Unterluggauer
  • David Schaffenrath
  • Stefan Mangard
Abstract

Embedded devices in the Internet of Things (IoT) face a wide variety of security challenges. For example, software attackers perform code injection and code-reuse attacks on their remote interfaces, and physical access to IoT devices allows tampering with code in memory, stealing confidential Intellectual Property (IP), or mounting fault attacks to manipulate a CPU’s control flow. In this work, we present Sponge-based Control Flow Protection (SCFP). SCFP is a stateful, sponge-based scheme to ensure the confidentiality of software IP and its authentic execution on IoT devices. At compile time, SCFP encrypts and authenticates software with instruction-level granularity. During execution, an SCFP hardware extension between the CPU’s fetch and decode stages continuously decrypts and authenticates instructions. Sponge-based authenticated encryption in SCFP yields fine-grained control-flow integrity and thus prevents code-reuse, code-injection, and fault attacks on the code and the control flow. In addition, SCFP withstands any modification of software in memory. For evaluation, we extended a RISC-V core with SCFP and fabricated a real System on Chip (SoC). The average overhead in code size and execution time of SCFP on this design is 19.8 % and 9.1 %, respectively, and thus meets the requirements of embedded IoT devices.

Similar resources

CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers

With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices. Control-flow integrity (CFI) is a promising and generic defense technique against these attacks. However, given the nature of IoT deployments, existing protection...

Guardian of the HAN: Thwarting Mobile Attacks on Smart-Home Devices Using OS-level Situation Awareness

A new development of smart-home systems is to use mobile apps to control IoT devices across a Home Area Network (HAN). Those systems tend to rely on the Wi-Fi router to authenticate other devices; as verified in our study, IoT vendors tend to trust all devices connected to the HAN. This treatment exposes them to the attack from malicious apps, particularly those running on authorized phones, wh...

The Role of Packet Tracer in Learning Wireless Networks and Managing IoT Devices

Wireless networks, Internet of Things (IoT), Internet of Everything (IoE), and smart homes have become extremely important terms in our present-day life. Most of the buildings, companies, institutions, and even homes depend on these technologies for interaction, communication, automation, and everything surrounding humans. To understand the advanced topics in wireless networks and IoT devi...

A Mutual Authentication Method for Internet of Things

Today, we are witnessing the expansion of various Internet of Things (IoT) applications and services such as surveillance and health. These services are delivered to users via smart devices anywhere and anytime. Forecasts show that the IoT, which is controlled online in the user environment, will reach 25 billion devices worldwide by 2020. Data security is one of the main concerns in the IoT. ...

Home appliances energy management based on the IoT system

The idea of the Internet of Things (IoT) has turned out to be increasingly prominent in the cutting-edge period of innovation than at any other time. From little family unit gadgets to extensive modern machines, the vision of IoT has made it conceivable to interface the gadgets with the physical world around them. This expanding prominence has likewise made the IoT gadgets and ap...

Journal title:
  • CoRR

Volume abs/1802.06691  Issue 

Pages  -

Publication date 2018