Next Article in Journal / Special Issue
Barrel Shifter Physical Unclonable Function Based Encryption
Previous Article in Journal
Special Issue on Cryptographic Protocols
Previous Article in Special Issue
Non-Invasive Detection Method for Recycled Flash Memory Using Timing Characteristics
Article Menu

Export Article

Open AccessFeature PaperArticle
Cryptography 2018, 2(3), 20; https://doi.org/10.3390/cryptography2030020

Hardware-Based Run-Time Code Integrity in Embedded Devices

1
School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, GA 30332, USA
2
School of Computer Science, Georgia Institute of Technology, Atlanta, GA 30332, USA
*
Author to whom correspondence should be addressed.
Received: 1 August 2018 / Revised: 25 August 2018 / Accepted: 27 August 2018 / Published: 30 August 2018
Full-Text   |   PDF [1468 KB, uploaded 30 August 2018]   |  

Abstract

Attacks on embedded devices are becoming more and more prevalent, primarily due to the extensively increasing plethora of software vulnerabilities. One of the most dangerous types of these attacks targets application code at run-time. Techniques to detect such attacks typically rely on software due to the ease of implementation and integration. However, these techniques are still vulnerable to the same attacks due to their software nature. In this work, we present a novel hardware-assisted run-time code integrity checking technique where we aim to detect if executable code resident in memory is modified at run-time by an adversary. Specifically, a hardware monitor is designed and attached to the device’s main memory system. The monitor creates page-based signatures (hashes) of the code running on the system at compile-time and stores them in a secure database. It then checks for the integrity of the code pages at run-time by regenerating the page-based hashes (with data segments zeroed out) and comparing them to the legitimate hashes. The goal is for any modification to the binary of a user-level or kernel-level process that is resident in memory to cause a comparison failure and lead to a kernel interrupt which allows the affected application to halt safely. View Full-Text
Keywords: embedded systems security; hardware-based malware detection; run-time monitoring; code modification; security threats; Field Programmable Gate Arrays (FPGA) embedded systems security; hardware-based malware detection; run-time monitoring; code modification; security threats; Field Programmable Gate Arrays (FPGA)
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. (CC BY 4.0).
SciFeed

Share & Cite This Article

MDPI and ACS Style

Wehbe, T.; Mooney, V.; Keezer, D. Hardware-Based Run-Time Code Integrity in Embedded Devices. Cryptography 2018, 2, 20.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Cryptography EISSN 2410-387X Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top