Visible to the public Interface Diversification in IoT Operating Systems

TitleInterface Diversification in IoT Operating Systems
Publication TypeConference Paper
Year of Publication2016
AuthorsMäki, Petteri, Rauti, Sampsa, Hosseinzadeh, Shohreh, Koivunen, Lauri, Leppänen, Ville
Conference NameProceedings of the 9th International Conference on Utility and Cloud Computing
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4616-0
Keywordsdiversification, IoT, Metrics, pubcrawl, Resiliency, scalabilty, Securing Compilers, software security
Abstract

With the advancement of Internet in Things (IoT) more and more "things" are connected to each other through the Internet. Due to the fact that the collected information may contain personal information of the users, it is very important to ensure the security of the devices in IoT. Diversification is a promising technique that protects the software and devices from harmful attacks and malware by making interfaces unique in each separate system. In this paper we apply diversification on the interfaces of IoT operating systems. To this aim, we introduce the diversification in post-compilation and linking phase of the software life-cycle, by shuffling the order of the linked objects while preserving the semantics of the code. This approach successfully prevents malicious exploits from producing adverse effects in the system. Besides shuffling, we also apply library symbol diversification method, and construct needed support for it e.g. into the dynamic loading phase. Besides studying and discussing memory layout shuffling and symbol diversification as a security measures for IoT operating systems, we provide practical implementations for these schemes for Thingsee OS and Raspbian operating systems and test these solutions to show the feasibility of diversification in IoT environments.

URLhttp://doi.acm.org/10.1145/2996890.3007877
DOI10.1145/2996890.3007877
Citation Keymaki_interface_2016