Discovery and Identification of Memory Corruption Vulnerabilities on Bare-Metal Embedded Devices
نویسندگان
چکیده
Memory corruption vulnerabilities remain a prevalent threat on low-cost bare-metal devices. Fuzzing is popular technique for automatically discovering such vulnerabilities. However, devices lack even basic security mechanisms as Management Unit. Consequently, fuzzing approaches encounter silent memory corruptions with no visible effects, making discovery difficult. Once discovered, it also essential to identify the type of observed vulnerability applying mitigation. Both and identification open challenges in case firmware binaries. This article addresses these problems by proposing an automated instrumentation that allows observation are otherwise not observable facilitates vulnerability. Additionally, we surveyed state-of-the-art IoT fuzzers analyzed their experimental methodologies. We found existing have fundamental lead incorrect or misleading results. To evaluate effectiveness fuzzers, determine range can discover. Thus, propose first ground-truth benchmark suite enables accurate consistent evaluation vulnerability-finding performance. Our framework's efficacy efficiency combination assessed using proposed benchmark.
منابع مشابه
Combating Memory Corruption Attacks On Scada Devices
Memory corruption attacks on SCADA devices can cause significant disruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulnerabilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memo...
متن کاملthe effects of keyword and context methods on pronunciation and receptive/ productive vocabulary of low-intermediate iranian efl learners: short-term and long-term memory in focus
از گذشته تا کنون، تحقیقات بسیاری صورت گرفته است که همگی به گونه ای بر مثمر ثمر بودن استفاده از استراتژی های یادگیری لغت در یک زبان بیگانه اذعان داشته اند. این تحقیق به بررسی تاثیر دو روش مختلف آموزش واژگان انگلیسی (کلیدی و بافتی) بر تلفظ و دانش لغوی فراگیران ایرانی زیر متوسط زبان انگلیسی و بر ماندگاری آن در حافظه می پردازد. به این منظور، تعداد شصت نفر از زبان آموزان ایرانی هشت تا چهارده ساله با...
15 صفحه اولMetal/organic/metal bistable memory devices
We report a bistable organic memory made of a single organic layer embedded between two electrodes, and compare to the organic/metal nanoparticle/organic tri-layers device [Ma, Liu, and Yang, Appl. Phys. Lett. 80, 2997 (2002)]. We demonstrate that the two devices exhibit similar temperature-dependent behaviors, a thermally activated behavior in their low conductive state (off-state) and a sligh...
متن کاملTrustworthy Memory Isolation of Linux on Embedded Devices
The isolation of security critical components from an untrusted OS allows to both protect applications and to harden the OS itself, for instance by run-time monitoring. Virtualization of the memory subsystem is a key component to provide such isolation. We present the design, implementation and verification of a virtualization platform for the ARMv7-A processor family. Our design is based on di...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Transactions on Dependable and Secure Computing
سال: 2023
ISSN: ['1941-0018', '1545-5971', '2160-9209']
DOI: https://doi.org/10.1109/tdsc.2022.3149371