Issue No. 04 - July/August (2011 vol. 8)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2011.15
Christopher Ferguson , Texas State University - San Marcos, San Marcos
Qijun Gu , Texas State University - San Marcos, San Marcos
Since sensors do not have a sophisticated hardware architecture or an operating system to manage code for safety, attacks injecting code to exploit memory-related vulnerabilities can present threats to sensor applications. In a sensor's simple memory architecture, injected code can alter the control flow of a sensor application to either misuse existing routines or download other malicious code to achieve attacks. To protect the control flow, this paper proposes a self-healing scheme that can stop attacks from exploiting the control flow and then recover sensor applications to normal operations with minimum overhead. The self-healing scheme embeds diversified protection code at particular locations to enforce access control in code memory. Both the access control code and the recovery code are designed to be resilient to control flow attacks that attempt to evade the protection. Furthermore, the self-healing scheme directly processes application code at the machine instruction level, instead of performing control or data analysis on source code. The implementation and evaluation show that the self-healing scheme is lightweight in protecting sensor applications.
Sensor application, control flow, access control, self healing, TinyOS, software security.
C. Ferguson and Q. Gu, "Self-Healing Control Flow Protection in Sensor Applications," in IEEE Transactions on Dependable and Secure Computing, vol. 8, no. , pp. 602-616, 2011.