Hardware-Assisted Monitoring for Code Security in Embedded System

被引：3

作者：

Wang, Xiang ^{[1
]}

Shen, Quanneng ^{[1
]}

Du, Pei ^{[1
]}

Zhang, Rong ^{[1
]}

Wang, Weike ^{[1
]}

Li, Lin ^{[1
]}

Xu, Bin ^{[1
]}

Ji, Huihui ^{[1
]}

机构：

[1] Beihang Univ, Sch Elect & Informat Engn, Beijing, Peoples R China

来源：

IEEE 12TH INT CONF UBIQUITOUS INTELLIGENCE & COMP/IEEE 12TH INT CONF ADV & TRUSTED COMP/IEEE 15TH INT CONF SCALABLE COMP & COMMUN/IEEE INT CONF CLOUD & BIG DATA COMP/IEEE INT CONF INTERNET PEOPLE AND ASSOCIATED SYMPOSIA/WORKSHOPS | 2015年

基金：

美国国家科学基金会;

关键词：

hardware-assisted; code protection; lightweight; security module;

D O I：

10.1109/UIC-ATC-ScalCom-CBDCom-IoP.2015.251

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

This paper presents a novel hardware-assisted monitoring architecture for code protection. Program code can be considered as a number of basic code blocks, each with jump and return addresses. It records all possible positions and the function called address to extract the monitoring model of program. The compiler extracts the control flow and static code integrity validation information using lightweight hash and integrity algorithms at compile time. During the execution of the program security module reads from the specialized division of hardware such information, which is compared with the program generated in the process of real-time operation. If inconsistent with the description of the program was found, the security module will abort the CPU run. This design effectively improves the security of embedded systems, while the whole system costs less resource consumption and obtains high efficiency.

引用

页码：1393 / 1396

页数：4

共 11 条

[1]

Austin T., 2006, PROC USENIX SEC SYMP, P121

[2]

Cowan C, 1998, PROCEEDINGS OF THE SEVENTH USENIX SECURITY SYMPOSIUM, P63

[3]

Cowan C, 2003, USENIX ASSOCIATION PROCEEDINGS OF THE 12TH USENIX SECURITY SYMPOSIUM, P91

[4]

Dor N., 2011, P ACM SIGPLAN C PROG, P155

[5]

Larson E., 2010, P USENIX SEC S AUG, P121

[6] Hardware Support for Secure Processing in Embedded Systems [J].

Mao, Shufu ;

Wolf, Tilman .

IEEE TRANSACTIONS ON COMPUTERS, 2010, 59 (06) :847-854

[7] A bottom-up approach to verifiable embedded system information flow security [J].

Mu, Dejun ;

Hu, Wei ;

Mao, Baolei ;

Ma, Bo .

IET INFORMATION SECURITY, 2014, 8 (01) :12-17

[8] Secure bit: Transparent, hardware buffer-overflow protection [J].

Piromsopa, Krerk ;

Enbody, Richard J. .

IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2006, 3 (04) :365-376

[9] IMPRES: Integrated monitoring for processor REliability and security [J].

Ragel, Roshan G. ;

Parameswaran, Sri .

43RD DESIGN AUTOMATION CONFERENCE, PROCEEDINGS 2006, 2006, :502-+

[10]

Wagner D., 2010, P NETW DISTR SYST SE, P3

← 1 2 →