Chaotic Memory Randomization for Securing Embedded Systems

TL;DR

This paper introduces a novel chaotic memory randomization technique for embedded systems that enhances security by preventing malware infiltration and enabling system reset to purge malicious code, suitable for resource-constrained environments.

Contribution

It proposes a new memory randomization method combined with watchdog monitoring to detect and eliminate malware in embedded systems, with a prototype and hardware suggestions.

Findings

Prototype demonstrates feasibility of chaotic memory randomization

Method effectively detects malware infiltration

Hardware alternative enhances security robustness

Abstract

Embedded systems permeate through nearly all aspects of modern society. From cars to refrigerators to nuclear refineries, securing these systems has never been more important. Intrusions, such as the Stuxnet malware which broke the centrifuges in Iran's Natanz refinery, can be catastrophic to not only the infected systems, but even to the wellbeing of the surrounding population. Modern day protection mechanisms for these embedded systems generally look only at protecting the network layer, and those that try to discover malware already existing on a system typically aren't efficient enough to run on a standalone embedded system. As such, we present a novel way to ensure that no malware has been inserted into an embedded system. We chaotically randomize the entire memory space of the application, interspersing watchdog-monitor programs throughout, to monitor that the core application hasn't been infiltrated. By validating the original program through conventional methods and creating a clean reset, we can ensure that any inserted malware is purged from the system with minimal effect on the given system. We also present a software prototype to validate the possibility of this approach, but given the limitations and vulnerabilities of the prototype, we also suggest a hardware alternative to the system.