Abstract.
Entering the age of the Internet of Things, embedded devices are everywhere.
They are built using common hardware such as RISC-based ARM and MIPS
platforms, and lightweight open software components. Because of their limited
resources, such systems often lack the protection mechanisms that have been
introduced to the desktop and server world. In this paper, we present
BINtegrity, a novel approach for exploit mitigation that is specifically
tailored towards embedded systems that are based on the common RISC
architecture. BINtegrity leverages architectural features of RISC CPUs to
extract a combination of static and dynamic properties relevant to OS service
requests from executables, and enforces them during runtime. Our technique
borrows ideas from several areas including system call monitoring, static
analysis, and code emulation, and combines them in a low-overhead fashion
directly in the operating system kernel. We implemented BINtegrity for the
Linux operating system. BINtegrity is practical, and restricts the ability of
attackers to exploit generic memory corruption vulnerabilities in COTS
binaries. In contrast to other approaches, BINtegrity does not require access
to source code, binary modification, or application-specific configuration
such as policies. Our evaluation demonstrates that BINtegrity incurs a very
low overhead – only 2% – and shows that our approach mitigates both code
injection and code reuse attacks.