ترغب بنشر مسار تعليمي؟ اضغط هنا

On Runtime Software Security of TrustZone-M based IoT Devices

364   0   0.0 ( 0 )
 نشر من قبل Lan Luo
 تاريخ النشر 2020
  مجال البحث الهندسة المعلوماتية
والبحث باللغة English




اسأل ChatGPT حول البحث

Internet of Things (IoT) devices have been increasingly integrated into our daily life. However, such smart devices suffer a broad attack surface. Particularly, attacks targeting the device software at runtime are challenging to defend against if IoT devices use resource-constrained microcontrollers (MCUs). TrustZone-M, a TrustZone extension for MCUs, is an emerging security technique fortifying MCU based IoT devices. This paper presents the first security analysis of potential software security issues in TrustZone-M enabled MCUs. We explore the stack-based buffer overflow (BOF) attack for code injection, return-oriented programming (ROP) attack, heap-based BOF attack, format string attack, and attacks against Non-secure Callable (NSC) functions in the context of TrustZone-M. We validate these attacks using the TrustZone-M enabled SAM L11 MCU. Strategies to mitigate these software attacks are also discussed.



قيم البحث

اقرأ أيضاً

Internet of things (IoT) that integrate a variety of devices into networks to provide advanced and intelligent services have to protect user privacy and address attacks such as spoofing attacks, denial of service attacks, jamming and eavesdropping. I n this article, we investigate the attack model for IoT systems, and review the IoT security solutions based on machine learning techniques including supervised learning, unsupervised learning and reinforcement learning. We focus on the machine learning based IoT authentication, access control, secure offloading and malware detection schemes to protect data privacy. In this article, we discuss the challenges that need to be addressed to implement these machine learning based security schemes in practical IoT systems.
110 - Gustavo Banegas 2021
As the Internet of Things (IoT) rolls out today to devices whose lifetime may well exceed a decade, conservative threat models should consider attackers with access to quantum computing power. The SUIT standard (specified by the IETF) defines a secur ity architecture for IoT software updates, standardizing the metadata and the cryptographic tools-namely, digital signatures and hash functions-that guarantee the legitimacy of software updates. While the performance of SUIT has previously been evaluated in the pre-quantum context, it has not yet been studied in a post-quantum context. Taking the open-source implementation of SUIT available in RIOT as a case study, we overview post-quantum considerations, and quantum-resistant digital signatures in particular, focusing on lowpower, microcontroller-based IoT devices which have stringent resource constraints in terms of memory, CPU, and energy consumption. We benchmark a selection of proposed post-quantum signature schemes (LMS, Falcon, and Dilithium) and compare them with current pre-quantum signature schemes (Ed25519 and ECDSA). Our benchmarks are carried out on a variety of IoT hardware including ARM Cortex-M, RISC-V, and Espressif (ESP32), which form the bulk of modern 32-bit microcontroller architectures. We interpret our benchmark results in the context of SUIT, and estimate the real-world impact of post-quantum alternatives for a range of typical software update categories. CCS CONCEPTS $bullet$ Computer systems organization $rightarrow$ Embedded systems.
Given that security threats and privacy breaches are com- monplace today, it is an important problem for one to know whether their device(s) are in a good state of security, or is there a set of high- risk vulnerabilities that need to be addressed. I n this paper, we address this simple yet challenging problem. Instead of gaining white-box access to the device, which offers privacy and other system issues, we rely on network logs and events collected offine as well as in realtime. Our approach is to apply analytics and machine learning for network security analysis as well as analysis of the security of the overall device - apps, the OS and the data on the device. We propose techniques based on analytics in order to determine sensitivity of the device, vulnerability rank of apps and of the device, degree of compromise of apps and of the device, as well as how to define the state of security of the device based on these metrics. Such metrics can be used further in machine learning models in order to predict the users of the device of high risk states, and how to avoid such risks.
Recurrent neural networks (RNNs) have shown promising results in audio and speech processing applications due to their strong capabilities in modelling sequential data. In many applications, RNNs tend to outperform conventional models based on GMM/UB Ms and i-vectors. Increasing popularity of IoT devices makes a strong case for implementing RNN based inferences for applications such as acoustics based authentication, voice commands, and edge analytics for smart homes. Nonetheless, the feasibility and performance of RNN based inferences on resources-constrained IoT devices remain largely unexplored. In this paper, we investigate the feasibility of using RNNs for an end-to-end authentication system based on breathing acoustics. We evaluate the performance of RNN models on three types of devices; smartphone, smartwatch, and Raspberry Pi and show that unlike CNN models, RNN models can be easily ported onto resource-constrained devices without a significant loss in accuracy.
The advancement in cloud networks has enabled connectivity of both traditional networked elements and new devices from all walks of life, thereby forming the Internet of Things (IoT). In an IoT setting, improving and scaling network components as wel l as reducing cost is essential to sustain exponential growth. In this domain, software-defined networking (SDN) is revolutionizing the network infrastructure with a new paradigm. SDN splits the control/routing logic from the data transfer/forwarding. This splitting causes many issues in SDN, such as vulnerabilities of DDoS attacks. Many solutions (including blockchain based) have been proposed to overcome these problems. In this work, we offer a blockchain-based solution that is provided in redundant SDN (load-balanced) to service millions of IoT devices. Blockchain is considered as tamper-proof and impossible to corrupt due to the replication of the ledger and consensus for verification and addition to the ledger. Therefore, it is a perfect fit for SDN in IoT Networks. Blockchain technology provides everyone with a working proof of decentralized trust. The experimental results show gain and efficiency with respect to the accuracy, update process, and bandwidth utilization.
التعليقات
جاري جلب التعليقات جاري جلب التعليقات
سجل دخول لتتمكن من متابعة معايير البحث التي قمت باختيارها
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا