A framework for defending embedded systems against software attacks
The incidence of malicious code and software vulnerability exploits on embedded platforms is constantly on the rise. Yet, little effort is being devoted to combating such threats to embedded systems. Moreover, adapting security approaches designed for general-purpose systems generally fails because...
Gespeichert in:
| Veröffentlicht in: | ACM transactions on embedded computing systems 2011-04, Vol.10 (3), p.1-23 |
|---|---|
| Hauptverfasser: | , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 23 |
|---|---|
| container_issue | 3 |
| container_start_page | 1 |
| container_title | ACM transactions on embedded computing systems |
| container_volume | 10 |
| creator | Aaraj, Najwa Raghunathan, Anand Jha, Niraj K. |
| description | The incidence of malicious code and software vulnerability exploits on embedded platforms is constantly on the rise. Yet, little effort is being devoted to combating such threats to embedded systems. Moreover, adapting security approaches designed for general-purpose systems generally fails because of the limited processing capabilities of their embedded counterparts.
In this work, we evaluate a malware and software vulnerability exploit defense framework for embedded systems. The proposed framework extends our prior work, which defines two isolated execution environments: a
testing
environment, wherein an untrusted application is first tested using dynamic binary instrumentation (DBI), and a
real
environment, wherein a program is monitored at runtime using an extracted behavioral model, along with a continuous learning process. We present a suite of software and hardware optimizations to reduce the overheads induced by the defense framework on embedded systems. Software optimizations include the usage of static analysis, complemented with DBI in the testing environment (i.e., a hybrid software analysis approach is used). Hardware optimizations exploit parallel processing capabilities of multiprocessor systems-on-chip.
We have evaluated the defense framework and proposed optimizations on the ARM-Linux operating system. Experiments demonstrate that our framework achieves a high coverage of considered security threats, with acceptable performance penalties (the average execution time of applications goes up to 1.68X, considering all optimizations, which is much smaller than the 2.72X performance penalty when no optimizations are used). |
| doi_str_mv | 10.1145/1952522.1952526 |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_901655332</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>901655332</sourcerecordid><originalsourceid>FETCH-LOGICAL-c273t-e5892d6551ca04b0489e2ca962af09c2761a08315ff937bfec2ef4130d2515963</originalsourceid><addsrcrecordid>eNotkDtvwjAURq2qlUpp567eOgX8yHXiEaG-JKQu7RwZ-xqlkIT6GiH-fUFhOt9wdIaPsWcpZlKWMJcWFCg1G2lu2EQC1IUuDdxetraFFXV1zx6IfoWQlSphwpYLHpPr8DikLY9D4gEj9qHtNxy7NYaAgdOJMnbE3ca1PWVOQ8xHl5C7nJ3f0iO7i25H-HTllP28vX4vP4rV1_vncrEqvKp0LhBqq4IBkN6Jci3K2qLyzhrlorBnx0gnai0hRqurdUSvMJZSi6BAgjV6yl7G7j4Nfwek3HQtedztXI_DgRor5LmutTqb89H0aSBKGJt9ajuXTo0UzeWt5vrWlUb_A547W-Q</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>901655332</pqid></control><display><type>article</type><title>A framework for defending embedded systems against software attacks</title><source>ACM Digital Library</source><creator>Aaraj, Najwa ; Raghunathan, Anand ; Jha, Niraj K.</creator><creatorcontrib>Aaraj, Najwa ; Raghunathan, Anand ; Jha, Niraj K.</creatorcontrib><description>The incidence of malicious code and software vulnerability exploits on embedded platforms is constantly on the rise. Yet, little effort is being devoted to combating such threats to embedded systems. Moreover, adapting security approaches designed for general-purpose systems generally fails because of the limited processing capabilities of their embedded counterparts.
In this work, we evaluate a malware and software vulnerability exploit defense framework for embedded systems. The proposed framework extends our prior work, which defines two isolated execution environments: a
testing
environment, wherein an untrusted application is first tested using dynamic binary instrumentation (DBI), and a
real
environment, wherein a program is monitored at runtime using an extracted behavioral model, along with a continuous learning process. We present a suite of software and hardware optimizations to reduce the overheads induced by the defense framework on embedded systems. Software optimizations include the usage of static analysis, complemented with DBI in the testing environment (i.e., a hybrid software analysis approach is used). Hardware optimizations exploit parallel processing capabilities of multiprocessor systems-on-chip.
We have evaluated the defense framework and proposed optimizations on the ARM-Linux operating system. Experiments demonstrate that our framework achieves a high coverage of considered security threats, with acceptable performance penalties (the average execution time of applications goes up to 1.68X, considering all optimizations, which is much smaller than the 2.72X performance penalty when no optimizations are used).</description><identifier>ISSN: 1539-9087</identifier><identifier>EISSN: 1558-3465</identifier><identifier>DOI: 10.1145/1952522.1952526</identifier><language>eng</language><subject>Computer programs ; Embedded computer systems ; Incidence ; Platforms ; Security ; Software</subject><ispartof>ACM transactions on embedded computing systems, 2011-04, Vol.10 (3), p.1-23</ispartof><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c273t-e5892d6551ca04b0489e2ca962af09c2761a08315ff937bfec2ef4130d2515963</citedby><cites>FETCH-LOGICAL-c273t-e5892d6551ca04b0489e2ca962af09c2761a08315ff937bfec2ef4130d2515963</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Aaraj, Najwa</creatorcontrib><creatorcontrib>Raghunathan, Anand</creatorcontrib><creatorcontrib>Jha, Niraj K.</creatorcontrib><title>A framework for defending embedded systems against software attacks</title><title>ACM transactions on embedded computing systems</title><description>The incidence of malicious code and software vulnerability exploits on embedded platforms is constantly on the rise. Yet, little effort is being devoted to combating such threats to embedded systems. Moreover, adapting security approaches designed for general-purpose systems generally fails because of the limited processing capabilities of their embedded counterparts.
In this work, we evaluate a malware and software vulnerability exploit defense framework for embedded systems. The proposed framework extends our prior work, which defines two isolated execution environments: a
testing
environment, wherein an untrusted application is first tested using dynamic binary instrumentation (DBI), and a
real
environment, wherein a program is monitored at runtime using an extracted behavioral model, along with a continuous learning process. We present a suite of software and hardware optimizations to reduce the overheads induced by the defense framework on embedded systems. Software optimizations include the usage of static analysis, complemented with DBI in the testing environment (i.e., a hybrid software analysis approach is used). Hardware optimizations exploit parallel processing capabilities of multiprocessor systems-on-chip.
We have evaluated the defense framework and proposed optimizations on the ARM-Linux operating system. Experiments demonstrate that our framework achieves a high coverage of considered security threats, with acceptable performance penalties (the average execution time of applications goes up to 1.68X, considering all optimizations, which is much smaller than the 2.72X performance penalty when no optimizations are used).</description><subject>Computer programs</subject><subject>Embedded computer systems</subject><subject>Incidence</subject><subject>Platforms</subject><subject>Security</subject><subject>Software</subject><issn>1539-9087</issn><issn>1558-3465</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2011</creationdate><recordtype>article</recordtype><recordid>eNotkDtvwjAURq2qlUpp567eOgX8yHXiEaG-JKQu7RwZ-xqlkIT6GiH-fUFhOt9wdIaPsWcpZlKWMJcWFCg1G2lu2EQC1IUuDdxetraFFXV1zx6IfoWQlSphwpYLHpPr8DikLY9D4gEj9qHtNxy7NYaAgdOJMnbE3ca1PWVOQ8xHl5C7nJ3f0iO7i25H-HTllP28vX4vP4rV1_vncrEqvKp0LhBqq4IBkN6Jci3K2qLyzhrlorBnx0gnai0hRqurdUSvMJZSi6BAgjV6yl7G7j4Nfwek3HQtedztXI_DgRor5LmutTqb89H0aSBKGJt9ajuXTo0UzeWt5vrWlUb_A547W-Q</recordid><startdate>201104</startdate><enddate>201104</enddate><creator>Aaraj, Najwa</creator><creator>Raghunathan, Anand</creator><creator>Jha, Niraj K.</creator><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>201104</creationdate><title>A framework for defending embedded systems against software attacks</title><author>Aaraj, Najwa ; Raghunathan, Anand ; Jha, Niraj K.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c273t-e5892d6551ca04b0489e2ca962af09c2761a08315ff937bfec2ef4130d2515963</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2011</creationdate><topic>Computer programs</topic><topic>Embedded computer systems</topic><topic>Incidence</topic><topic>Platforms</topic><topic>Security</topic><topic>Software</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Aaraj, Najwa</creatorcontrib><creatorcontrib>Raghunathan, Anand</creatorcontrib><creatorcontrib>Jha, Niraj K.</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>ACM transactions on embedded computing systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Aaraj, Najwa</au><au>Raghunathan, Anand</au><au>Jha, Niraj K.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A framework for defending embedded systems against software attacks</atitle><jtitle>ACM transactions on embedded computing systems</jtitle><date>2011-04</date><risdate>2011</risdate><volume>10</volume><issue>3</issue><spage>1</spage><epage>23</epage><pages>1-23</pages><issn>1539-9087</issn><eissn>1558-3465</eissn><abstract>The incidence of malicious code and software vulnerability exploits on embedded platforms is constantly on the rise. Yet, little effort is being devoted to combating such threats to embedded systems. Moreover, adapting security approaches designed for general-purpose systems generally fails because of the limited processing capabilities of their embedded counterparts.
In this work, we evaluate a malware and software vulnerability exploit defense framework for embedded systems. The proposed framework extends our prior work, which defines two isolated execution environments: a
testing
environment, wherein an untrusted application is first tested using dynamic binary instrumentation (DBI), and a
real
environment, wherein a program is monitored at runtime using an extracted behavioral model, along with a continuous learning process. We present a suite of software and hardware optimizations to reduce the overheads induced by the defense framework on embedded systems. Software optimizations include the usage of static analysis, complemented with DBI in the testing environment (i.e., a hybrid software analysis approach is used). Hardware optimizations exploit parallel processing capabilities of multiprocessor systems-on-chip.
We have evaluated the defense framework and proposed optimizations on the ARM-Linux operating system. Experiments demonstrate that our framework achieves a high coverage of considered security threats, with acceptable performance penalties (the average execution time of applications goes up to 1.68X, considering all optimizations, which is much smaller than the 2.72X performance penalty when no optimizations are used).</abstract><doi>10.1145/1952522.1952526</doi><tpages>23</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1539-9087 |
| ispartof | ACM transactions on embedded computing systems, 2011-04, Vol.10 (3), p.1-23 |
| issn | 1539-9087 1558-3465 |
| language | eng |
| recordid | cdi_proquest_miscellaneous_901655332 |
| source | ACM Digital Library |
| subjects | Computer programs Embedded computer systems Incidence Platforms Security Software |
| title | A framework for defending embedded systems against software attacks |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T16%3A04%3A29IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20framework%20for%20defending%20embedded%20systems%20against%20software%20attacks&rft.jtitle=ACM%20transactions%20on%20embedded%20computing%20systems&rft.au=Aaraj,%20Najwa&rft.date=2011-04&rft.volume=10&rft.issue=3&rft.spage=1&rft.epage=23&rft.pages=1-23&rft.issn=1539-9087&rft.eissn=1558-3465&rft_id=info:doi/10.1145/1952522.1952526&rft_dat=%3Cproquest_cross%3E901655332%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=901655332&rft_id=info:pmid/&rfr_iscdi=true |