fASLR: Function-Based ASLR for Resource-Constrained IoT Systems

The address space layout randomization (ASLR) has been widely deployed on modern operating systems against code reuse attacks (CRAs) such as return-oriented programming (ROP) and return-to-libc. However, porting ASLR to resource-constrained IoT devices is a great challenge due to the limited memory space. We propose a function-based ASLR scheme (fASLR) for IoT runtime security utilizing the ARM TrustZone-M technique and the memory protection unit (MPU). fASLR loads a function from the flash and randomizes its entry address in a randomization region in RAM when the function is called. We design novel mechanisms on cleaning up finished functions from the RAM and memory addressing to deal with the complexity of function relocation and randomization. Compared with related work, a prominent advantage of fASLR is that fASLR can run an application even if the application code cannot be completely loaded into RAM for execution. We test fASLR with 21 applications. fASLR achieves high randomization entropy and incurs runtime overhead of less than 10%.

Automated summary

This paper proposes a function-based ASLR scheme for resource-constrained IoT devices, utilizing ARM TrustZone-M technique and memory protection unit. By randomizing the entry addresses of functions, the scheme enhances runtime security. Compared to related work, the fASLR achieves high randomization entropy with less than 10% runtime overhead.