Proceedings Paper

fASLR: Function-Based ASLR for Resource-Constrained IoT Systems

Journal

COMPUTER SECURITY - ESORICS 2022, PT II
Volume 13555, Issue -, Pages 531-548

Publisher

SPRINGER INTERNATIONAL PUBLISHING AG
DOI: 10.1007/978-3-031-17146-8_26

Keywords

Function-based randomization; IoT; ASLR; CRA; ROP

Funding

  1. National Key R&D Program of China [2018YFB2100300]
  2. National Natural Science Foundation of China [62022024, 61972088, 62072103, 62102084, 62072102, 62072098, 61972083]
  3. US National Science Foundation (NSF) [1931871, 1915780]
  4. US Department of Energy (DOE) Award [DE-EE0009152]
  5. Jiangsu Provincial Natural Science Foundation for Excellent Young Scholars [BK20190060]
  6. Jiangsu Provincial Natural Science Foundation of China [BK20190340]
  7. Jiangsu Provincial Key Laboratory of Network and Information Security Grant [BM2003201]
  8. Key Laboratory of Computer Network and Information Integration of Ministry of Education of China [93K-9]
  9. Collaborative Innovation Center of Novel Software Technology and Industrialization

This paper proposes a function-based ASLR scheme for resource-constrained IoT devices, utilizing the ARM TrustZone-M technique and the memory protection unit. By randomizing the entry addresses of functions, the scheme enhances runtime security. Compared to related work, fASLR achieves high randomization entropy with less than 10% runtime overhead.

Address space layout randomization (ASLR) has been widely deployed on modern operating systems against code reuse attacks (CRAs) such as return-oriented programming (ROP) and return-to-libc. However, porting ASLR to resource-constrained IoT devices is a great challenge due to the limited memory space. We propose a function-based ASLR scheme (fASLR) for IoT runtime security utilizing the ARM TrustZone-M technique and the memory protection unit (MPU). fASLR loads a function from the flash and randomizes its entry address in a randomization region in RAM when the function is called. We design novel mechanisms for cleaning up finished functions from the RAM and for memory addressing to deal with the complexity of function relocation and randomization. Compared with related work, a prominent advantage of fASLR is that it can run an application even if the application code cannot be completely loaded into RAM for execution. We test fASLR with 21 applications. fASLR achieves high randomization entropy and incurs runtime overhead of less than 10%.
