Visible to the public Code Mutation as a mean against ROP Attacks for Embedded Systems

TitleCode Mutation as a mean against ROP Attacks for Embedded Systems
Publication TypeConference Paper
Year of Publication2022
AuthorsTabatt, P., Jelonek, J., Schölzel, M., Lehniger, K., Langendörfer, P.
Conference Name2022 11th Mediterranean Conference on Embedded Computing (MECO)
Keywordsbiological systems, code permutation, codes, composability, Computer crashes, Embedded computing, Embedded systems, human factors, pubcrawl, Resiliency, ROP attack, rop attacks, Scalability, security, Sociology, Statistics
AbstractThis paper presents a program-code mutation technique that is applied in-field to embedded systems in order to create diversity in a population of systems that are identical at the time of their deployment. With this diversity, it becomes more difficult for attackers to carry out the very popular Return-Oriented-Programming (ROP) attack in a large scale, since the gadgets in different systems are located at different program addresses after code permutation. In order to prevent the system from a system crash after a failed ROP attack, we further propose the combination of the code mutation with a return address checking. We will report the overhead in time and memory along with a security analysis.
DOI10.1109/MECO55406.2022.9797185
Citation Keytabatt_code_2022