Caveat (IoT) Emptor: Towards Transparency of IoT Device Presence
As many types of IoT devices worm their way into numerous settings and many aspects of
our daily lives, awareness of their presence and functionality becomes a source of major …
our daily lives, awareness of their presence and functionality becomes a source of major …
Bitmap-Based Security Monitoring for Deeply Embedded Systems
A Peng, D Fang, L Guan, E Kouwe, Y Li… - ACM Transactions on …, 2024 - dl.acm.org
Deeply embedded systems powered by microcontrollers are becoming popular with the
emergence of Internet of Things (IoT) technology. However, these devices primarily run …
emergence of Internet of Things (IoT) technology. However, these devices primarily run …
From low-level fault modeling (of a pipeline attack) to a proven hardening scheme
S Michelland, C Deleuze, L Gonnord - Proceedings of the 33rd ACM …, 2024 - dl.acm.org
Fault attacks present unique safety and security challenges that require dedicated
countermeasures, even for bug-free programs. Models of these complex attacks are made …
countermeasures, even for bug-free programs. Models of these complex attacks are made …
Rt-dfi: Optimizing data-flow integrity for real-time systems
The emergence of Real-Time Systems with increased connections to their environment has
led to a greater demand in security for these systems. Memory corruption attacks, which …
led to a greater demand in security for these systems. Memory corruption attacks, which …
InvisiGuard: Data Integrity for Microcontroller-Based Devices via Hardware-Triggered Write Monitoring
D Fang, A Peng, E van der Kouwe… - … on Dependable and …, 2024 - ieeexplore.ieee.org
This paper considers a strongly connected network of agents, each capable of partially
observing and controlling a discrete-time linear time-invariant (LTI) system that is jointly …
observing and controlling a discrete-time linear time-invariant (LTI) system that is jointly …
Hardware-Assisted Static and Runtime Attestation for Cloud Deployments
This article is devoted to the problems of static and runtime integrity for cloud deployments.
Existing remote attestation solutions for cloud infrastructure do not cover static and dynamic …
Existing remote attestation solutions for cloud infrastructure do not cover static and dynamic …
InsectACIDE: Debugger-Based Holistic Asynchronous CFI for Embedded System
Real-time and embedded systems are predominantly written in C, a language that is
notoriously not memory safe. This has led to widespread memory-corruption vulnerabilities …
notoriously not memory safe. This has led to widespread memory-corruption vulnerabilities …
CFIEE: An Open-Source Critical Metadata Extraction Tool for RISC-V Hardware-Based CFI Schemes
W Li, W Wang, S Li - Electronics, 2024 - mdpi.com
Control flow critical metadata play a key role in hardware-based control flow integrity (CFI)
mechanisms that effectively monitor and secure program control flow based on pre-extracted …
mechanisms that effectively monitor and secure program control flow based on pre-extracted …
A Procrastinating Control-Flow Integrity Framework for Periodic Real-Time Systems
Connected embedded systems and cyber-physical systems exhibit larger attack surface
than isolated ones. Control-flow integrity (CFI) is a set of techniques to prevent attackers …
than isolated ones. Control-flow integrity (CFI) is a set of techniques to prevent attackers …
GuiDiv: Mitigating Code-reuse Attack in an IoT Cluster Using Guided Control Flow Diversification
Y Li, Q Zhou, B Li, Y Zhuang - … on Trust, Security and Privacy in …, 2023 - ieeexplore.ieee.org
Code randomization, aka software diversification, is an effective way to mitigate code-reuse
attacks. This mechanism diversifies the target software into heterogeneous variants, making …
attacks. This mechanism diversifies the target software into heterogeneous variants, making …