Title | Code Mutation as a mean against ROP Attacks for Embedded Systems |
Publication Type | Conference Paper |
Year of Publication | 2022 |
Authors | Tabatt, P., Jelonek, J., Schölzel, M., Lehniger, K., Langendörfer, P. |
Conference Name | 2022 11th Mediterranean Conference on Embedded Computing (MECO) |
Keywords | biological systems, code permutation, codes, composability, Computer crashes, Embedded computing, Embedded systems, human factors, pubcrawl, Resiliency, ROP attack, rop attacks, Scalability, security, Sociology, Statistics |
Abstract | This paper presents a program-code mutation technique that is applied in-field to embedded systems in order to create diversity in a population of systems that are identical at the time of their deployment. With this diversity, it becomes more difficult for attackers to carry out the very popular Return-Oriented-Programming (ROP) attack in a large scale, since the gadgets in different systems are located at different program addresses after code permutation. In order to prevent the system from a system crash after a failed ROP attack, we further propose the combination of the code mutation with a return address checking. We will report the overhead in time and memory along with a security analysis. |
DOI | 10.1109/MECO55406.2022.9797185 |
Citation Key | tabatt_code_2022 |