
Buffer overflow attack's power consumption signatures

Published: 05 December 2016

Abstract

Embedded Systems (ES) are an integral part of Cyber-Physical Systems (CPS), the Internet of Things (IoT), and consumer devices such as smartphones. ES often have limited resources and, when used in CPS and IoT, have to satisfy real-time requirements. Therefore, ES rarely employ the security measures established for computer systems and networks. Given the growth of both CPS and IoT, it is important to identify ongoing attacks on ES without interfering with their real-time constraints. Furthermore, security solutions that can be retrofitted to legacy systems are desirable, especially where ES are used in Industrial Control Systems (ICS), which often keep the same hardware in service for decades.
To tackle this problem, several researchers have proposed using side-channels (i.e., physical emanations that accompany cyber processes) to detect such attacks. Prior work focuses on anomaly detection, which might not always be sufficient, especially in complex ES whose behavior depends on the input data. In this paper, we determine whether one of the most common attacks, the buffer overflow attack, generates distinct side-channel signatures when executed on a vulnerable ES. We consider only the power consumption side-channel. We collect and analyze power traces from normal program operation and from four categories of buffer overflow attack: (i) crashing program execution, (ii) injection of executable code, (iii) return to an existing function, and (iv) Return Oriented Programming (ROP) with gadgets. Our analysis shows that for some of these categories a power signature-based detection of a buffer overflow attack is possible.


Published In

SSPREW '16: Proceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering
December 2016
85 pages
ISBN:9781450348416
DOI:10.1145/3015135

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. cyber physical security
  2. power consumption anomaly detection
  3. side-channel analysis
  4. simple power analysis

Qualifiers

  • Research-article

Conference

SSPREW '16

Acceptance Rates

Overall Acceptance Rate 6 of 13 submissions, 46%
