Title | MicroGuard: Securing Bare-Metal Microcontrollers against Code-Reuse Attacks |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Salehi, Majid, Hughes, Danny, Crispo, Bruno |
Conference Name | 2019 IEEE Conference on Dependable and Secure Computing (DSC) |
Keywords | automated code randomization, bare-metal micro controllers, bare-metal microcontrollers, code randomization, code-reuse attacks, Collaboration, component-level sandboxing, composability, data protection, Internet of Things, Internet of Things devices, IoT devices, microcontrollers, MicroGuard, mitigation method, policy-based governance, pubcrawl, Sandboxing, security of data, source code (software) |
Abstract | Bare-metal microcontrollers are a family of Internet of Things (IoT) devices which are increasingly deployed in critical industrial environments. Similar to other IoT devices, bare-metal microcontrollers are vulnerable to memory corruption and code-reuse attacks. We propose MicroGuard, a novel mitigation method based on component-level sandboxing and automated code randomization to securely encapsulate application components in isolated environments. We implemented MicroGuard and evaluated its efficacy and efficiency with a real-world benchmark against different types of attacks. As our evaluation shows, MicroGuard provides better security than ACES, the current state-of-the-art protection framework for bare-metal microcontrollers, with a comparable performance overhead. |
DOI | 10.1109/DSC47296.2019.8937667 |
Citation Key | salehi_microguard_2019 |