Anatomy of Memory Corruption Attacks and Mitigations in Embedded Systems

Nektarios Georgios Tsoutsos, Mihalis Maniatakos

Research output: Contribution to journal (Article)

Abstract

For more than two decades, memory safety violations and control-flow integrity attacks have been a prominent threat to the security of computer systems. Contrary to regular systems that are updated regularly, application-constrained devices typically run monolithic firmware that may not be updated in the lifetime of the device after being deployed in the field. Hence, the need for protections against memory corruption becomes even more prominent. In this article, we survey memory safety in the context of embedded processors, and describe different attacks that can subvert the legitimate control flow, with a special focus on Return Oriented Programming. Based on common attack trends, we formulate the anatomy of typical memory corruption attacks and discuss powerful mitigation techniques that have been reported in the literature.

Original language: English (US)
Journal: IEEE Embedded Systems Letters
DOI: 10.1109/LES.2018.2829777
State: Accepted/In press - Apr 23 2018

Fingerprint

Embedded systems
Data storage equipment
Flow control
Firmware
Computer systems

Keywords

  • buffer overflows
  • Buffer storage
  • Computer security
  • control-flow integrity protections
  • Embedded systems
  • Libraries
  • Memory safety violations
  • Program processors
  • Programming
  • return oriented programming.
  • Safety

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Computer Science (all)

Cite this

Anatomy of Memory Corruption Attacks and Mitigations in Embedded Systems. / Tsoutsos, Nektarios Georgios; Maniatakos, Mihalis.

In: IEEE Embedded Systems Letters, 23.04.2018.


@article{7c2b637185534c69b304ed6e2c12b5ea,
title = "Anatomy of Memory Corruption Attacks and Mitigations in Embedded Systems",
abstract = "For more than two decades, memory safety violations and control-flow integrity attacks have been a prominent threat to the security of computer systems. Contrary to regular systems that are updated regularly, application-constrained devices typically run monolithic firmware that may not be updated in the lifetime of the device after being deployed in the field. Hence, the need for protections against memory corruption becomes even more prominent. In this article, we survey memory safety in the context of embedded processors, and describe different attacks that can subvert the legitimate control flow, with a special focus on Return Oriented Programming. Based on common attack trends, we formulate the anatomy of typical memory corruption attacks and discuss powerful mitigation techniques that have been reported in the literature.",
keywords = "buffer overflows, Buffer storage, Computer security, control-flow integrity protections, Embedded systems, Libraries, Memory safety violations, Program processors, Programming, return oriented programming., Safety",
author = "Tsoutsos, {Nektarios Georgios} and Mihalis Maniatakos",
year = "2018",
month = "4",
day = "23",
doi = "10.1109/LES.2018.2829777",
language = "English (US)",
journal = "IEEE Embedded Systems Letters",
issn = "1943-0663",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - Anatomy of Memory Corruption Attacks and Mitigations in Embedded Systems

AU - Tsoutsos, Nektarios Georgios

AU - Maniatakos, Mihalis

PY - 2018/4/23

Y1 - 2018/4/23

N2 - For more than two decades, memory safety violations and control-flow integrity attacks have been a prominent threat to the security of computer systems. Contrary to regular systems that are updated regularly, application-constrained devices typically run monolithic firmware that may not be updated in the lifetime of the device after being deployed in the field. Hence, the need for protections against memory corruption becomes even more prominent. In this article, we survey memory safety in the context of embedded processors, and describe different attacks that can subvert the legitimate control flow, with a special focus on Return Oriented Programming. Based on common attack trends, we formulate the anatomy of typical memory corruption attacks and discuss powerful mitigation techniques that have been reported in the literature.

AB - For more than two decades, memory safety violations and control-flow integrity attacks have been a prominent threat to the security of computer systems. Contrary to regular systems that are updated regularly, application-constrained devices typically run monolithic firmware that may not be updated in the lifetime of the device after being deployed in the field. Hence, the need for protections against memory corruption becomes even more prominent. In this article, we survey memory safety in the context of embedded processors, and describe different attacks that can subvert the legitimate control flow, with a special focus on Return Oriented Programming. Based on common attack trends, we formulate the anatomy of typical memory corruption attacks and discuss powerful mitigation techniques that have been reported in the literature.

KW - buffer overflows

KW - Buffer storage

KW - Computer security

KW - control-flow integrity protections

KW - Embedded systems

KW - Libraries

KW - Memory safety violations

KW - Program processors

KW - Programming

KW - return oriented programming.

KW - Safety

UR - http://www.scopus.com/inward/record.url?scp=85045988526&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85045988526&partnerID=8YFLogxK

U2 - 10.1109/LES.2018.2829777

DO - 10.1109/LES.2018.2829777

M3 - Article

JO - IEEE Embedded Systems Letters

JF - IEEE Embedded Systems Letters

SN - 1943-0663

ER -