Shakedown: compiler-based moving target protection for Return Oriented Programing attacks on an industrial IoT device
Fady Copty (1), Francisco Hernandez (2), Dov Murik (1), Olmo Ray\'on, (2) ((1) IBM Research, (2) Worldsensing)
TL;DR
Shakedown is a compile-time tool that randomizes binary memory layouts to defend industrial IoT devices against return-oriented programming attacks, effectively blocking exploits without affecting device functionality.
Contribution
It introduces a novel compile-time randomization approach specifically designed for constrained IoT devices to prevent ROP attacks.
Findings
Successfully blocked ROP exploits on industrial IoT device
Maintained normal device functionality
Demonstrated effectiveness of compile-time randomization
Abstract
Cybercriminals use Return Oriented Programming techniques to attack systems and IoT devices. While defenses have been developed, not all of them are applicable to constrained devices. We present Shakedown, which is a compile-time randomizing build tool which creates several versions of the binary, each with a distinct memory layout. An attack developed against one device will not work on another device which has a different memory layout. We tested Shakedown on an industrial IoT device and shown that its normal functionality remained intact while an exploit was blocked.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Advanced Malware Detection Techniques · Physical Unclonable Functions (PUFs) and Hardware Security