Abstract
A primary concern in creating compartments (i.e., protection domains) for bare-metal systems is to adopt the applicable compartmentalization policy. Existing studies have proposed several typical policies in literature. However, neither of the policies consider the influence of unsafe functions on the compartment security that a vulnerable function would expose unpredictable attack surfaces, which could be exploited to manipulate any contents that are stored in the same compartment. In this paper, we design a machine learning-assisted compartmentalization scheme, which adopts a new policy that takes every function’s security into full account, to create compartments for bare-metal systems. First, the scheme takes advantage of the machine learning method to predict how likely a function holds an exploitable security bug. Second, the prediction results are used to create a new instrumented firmware that isolates vulnerable and normal functions into different compartments. Further, the scheme provides some optional optimization plans to the developer to improve the performance. The PoC of the scheme is incorporated into an LLVM-based compiler and evaluated on a Cortex-M based IoT device. Compared with the firmware adopting other typical policies, the firmware with the new policy not only shows better security but also assures the overhead basically unchanged.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
ARM: Armv7-m architecture reference manual. https://developer.arm.com/documentation/ddi0403/latest/
Azab, A.M., et al.: SKEE: a lightweight secure kernel-level execution environment for ARM. In: 23rd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, 21–24 February 2016 (2016)
Baeza-Yates, R.A., Ribeiro-Neto, B.A.: Modern Information Retrieval. ACM Press/Addison-Wesley, New York (1999)
Cho, Y., Kwon, D., Yi, H., Paek, Y.: Dynamic virtual address range adjustment for intra-level privilege separation on ARM. In: 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, 26 February– 1 March 2017 (2017)
Clements, A.A., Almakhdhub, N.S., Bagchi, S., Payer, M.: ACES: automatic compartments for embedded systems. In: 27th USENIX Security Symposium, USENIX Security 2018, Baltimore, MD, USA, 15–17 August 2018, pp. 65–82 (2018)
Clements, A.A., et al.: Protecting bare-metal embedded systems with privilege overlays. In: 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, 22–26 May 2017, pp. 289–303 (2017)
Ferrante, J., Ottenstein, K.J., Warren, J.D.: The program dependence graph and its use in optimization. ACM Trans. Program. Lang. Syst. 9(3), 319–349 (1987)
Giger, E., D’Ambros, M., Pinzger, M.: Method-level bug prediction. In: 2012 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement, ESEM 2012, Lund, Sweden, 9–20 September 2012, pp. 171–180 (2012)
Hata, H., Mizuno, O., Kikuno, T.: Bug prediction based on fine-grained module histories. In: 34th International Conference on Software Engineering, ICSE 2012, Zurich, Switzerland, 2–9 June 2012, pp. 200–210 (2012)
Kim, C.H., et al.: Securing real-time microcontroller systems through customized memory view switching. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, 18–21 February 2018 (2018)
Koeberl, P., Schulz, S., Sadeghi, A., Varadharajan, V.: Trustlite: a security architecture for tiny embedded devices. In: Ninth Eurosys Conference 2014, EuroSys 2014, Amsterdam, The Netherlands, 13–16 April 2014, pp. 10:1–10:14 (2014)
Li, Z., et al.: Vuldeepecker: a deep learning-based system for vulnerability detection. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, 18–21 February 2018 (2018)
NetworkX: Networkx library. https://networkx.github.io/
Noorman, J., et al.: Sancus: low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In: Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, 14–16 August 2013, pp. 479–494 (2013)
Omary, Z., Mtenzi, F.: Dataset threshold for the performance estimators in supervised machine learning experiments. In: Proceedings of the 4th International Conference for Internet Technology and Secured Transactions, ICITST 2009, London, UK, 9–12 November 2009, pp. 1–8 (2009)
Ronen, E., Shamir, A., Weingarten, A., O’Flynn, C.: IoT goes nuclear: creating a zigbee chain reaction. In: 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, 22–26 May 2017, pp. 195–212 (2017)
Sarnowski, M.M., Larson, D., Alnaeli, S.M., Sarrab, M.K.: A study on the usage of unsafe functions in gcc compared to mobile software systems. In: IEEE International Conference on Electro Information Technology, EIT 2017, Lincoln, NE, USA, 14–17 May 2017, pp. 138–142 (2017)
Scitools: Understand python interface. https://scitools.com/features/
STMicroelectronics: Stm32f4discovery. https://www.st.com/en/evaluation-tools/stm32f4discovery.html
Syed, M.H., Fernández, E.B., Moreno, J.: A misuse pattern for DDoS in the IoT. In: Proceedings of the 23rd European Conference on Pattern Languages of Programs, EuroPLoP 2018, Irsee, Germany, 04–08 July 2018, pp. 34:1–34:5 (2018)
Xiling Gong, P.P.: Exploiting qualcomm WLAN and modem over-the-air. In: 22nd BLACK HAT USA (2019)
Acknowledgments
The authors would like to thank the anonymous reviewers for their critical suggestions that greatly improved the paper quality. This work is supported by the National Key R&D Program of China (No. 2019YFB1706002).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Huo, D. et al. (2020). A Machine Learning-Assisted Compartmentalization Scheme for Bare-Metal Systems. In: Meng, W., Gollmann, D., Jensen, C.D., Zhou, J. (eds) Information and Communications Security. ICICS 2020. Lecture Notes in Computer Science(), vol 12282. Springer, Cham. https://doi.org/10.1007/978-3-030-61078-4_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-61078-4_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-61077-7
Online ISBN: 978-3-030-61078-4
eBook Packages: Computer ScienceComputer Science (R0)