Em-RIPE: Runtime Intrusion Prevention Evaluator for ARM Microcontroller Systems / Roascio, Gianluca; Serra, Gabriele; Eftekhari Moghadam, Vahid. - ELECTRONIC. - (2022), pp. 1-6. (Paper presented at the International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME), held in the Maldives, 16-18 November 2022) [10.1109/ICECCME55909.2022.9988527].
Em-RIPE: Runtime Intrusion Prevention Evaluator for ARM Microcontroller Systems
Roascio, Gianluca; Eftekhari Moghadam, Vahid
2022
Abstract
Although they have been known for some time, the security implications of buffer overflows (BOF) continue to rouse great attention among software experts in the academic and commercial sectors. Recently, there has been particular interest in discussing how to mitigate risks deriving from BOF on embedded and IoT devices, which have lower computational capabilities given their low-cost and low-power requirements. Although the literature is rich in solutions for these devices as well, authors often fail to quantitatively compare their techniques with related work from a security perspective, and mostly rely on qualitative analysis. Existing evaluator benchmarks (such as the famous RIPE, introduced in 2011) are designed to be used only on general-purpose systems, e.g., with a rich Linux OS and Intel architecture. This paper presents Em-RIPE, a prototype evaluation tool written for assessing protections applied to real-time embedded systems, such as microcontrollers equipped with ARM processors. This first version of the tool supports 105 different possible attack combinations, on which the resilience level of the platform under test can be measured. As experimental data, the obtained protection coverage for major compiler-based firmware protections is reported.

File | Access | Description | Type | License | Size | Format
---|---|---|---|---|---|---
conference_101719.pdf | Open access | Camera-ready version of the paper - to be published in Proceedings | 2. Post-print / Author's Accepted Manuscript | PUBLIC - All rights reserved | 151.19 kB | Adobe PDF
ICECCME_acceptance_letter_ID_369.pdf | Not available | Acceptance letter | Other attached material | Non-public - Private/restricted access | 568.71 kB | Adobe PDF
Em-RIPE_Runtime_Intrusion_Prevention_Evaluator_for_ARM_Microcontroller_Systems.pdf | Not available | | 2a Post-print publisher's version / Version of Record | Non-public - Private/restricted access | 200.17 kB | Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.
https://hdl.handle.net/11583/2970895