skip to main content
10.1145/3649476.3658715acmconferencesArticle/Chapter ViewAbstractPublication PagesglsvlsiConference Proceedingsconference-collections
research-article

DyFORA: Dynamic Firmware Obfuscation and Remote Attestation using Hardware Signatures

Published: 12 June 2024 Publication History

Abstract

In an era dominated by embedded devices, securing firmware is critical. These devices, often in limited-resource settings, are targets for attacks like piracy, tampering, and reverse engineering. Traditional defenses rely on heavy encryption and obfuscation, leading to performance issues and failing to prevent data leaks. Traditional methods also need runtime cryptographic key storage, increasing vulnerability. This paper introduces the DyFORA framework to protect firmware in real time without storing keys. It uses unique hardware-firmware bindings to prevent unauthorized firmware use. Additionally, we present a novel dynamic runtime attestation method to verify firmware integrity continuously. Our results show this approach significantly boosts security against conventional attacks with minimal overhead in performance (4.62%), area (0.35%), and power (1.4%), requiring 2.6x1075 trials for plaintext firmware decryption.

References

[1]
2009. Opencores. https://opencores.org/projects/openmsp430
[2]
2021. secworks. https://github.com/secworks/aes
[3]
A. Marcelli et al.2018. Defeating hardware Trojan in microprocessor cores through software obfuscation. In 2018 IEEE 19th Latin-American Test Symposium.
[4]
Benjamin Cyr, Jubayer Mahmod, and Ujjwal Guin. 2019. Low-cost and secure firmware obfuscation method for protecting electronic systems from cloning. IEEE Internet of Things Journal 6, 2 (2019), 3700–3711.
[5]
F. Ullah et al.2018. Data exfiltration: A review of external attack vectors and countermeasures. Journal of Network and Computer Applications 101 (2018).
[6]
G. Coker et al.2011. Principles of Remote Attestation. Int. J. Inf. Secur. 10, 2 (jun 2011), 63–81. https://doi.org/10.1007/s10207-011-0124-7
[7]
L. Cassano et al.2022. DETON: DEfeating hardware Trojan horses in microprocessors through software ObfuscatioN. Journal of Systems Architecture 129 (2022). https://doi.org/10.1016/j.sysarc.2022.102592
[8]
M. M. Hossain et al.2021. HEXON: Protecting Firmware Using Hardware-Assisted Execution-Level Obfuscation. In 2021 IEEE Computer Society Annual Symposium on VLSI (ISVLSI). 343–349.
[9]
M. Werner et al.2018. Sponge-Based Control-Flow Protection for IoT Devices. 2018 IEEE European Symposium on Security and Privacy (EuroS&P) (2018).
[10]
Sajeed Mohammad, Mridha Md Mashahedur Rahman, and Farimah Farahmandi. 2021. Required Policies and Properties of the Security Engine of an SoC. In 2021 IEEE International Symposium on Smart Electronic Systems (iSES).
[11]
Greg Morton and K Venkat. 2005. Msp430 competitive benchmarking. Texas Instruments (2005).
[12]
M.R. Guthaus et al.2001. MiBench: A free, commercially representative embedded benchmark suite. In Proceedings of the Fourth Annual IEEE International Workshop on Workload Characterization.3–14.
[13]
P. Junod et al.2015. Obfuscator-LLVM – Software Protection for the Masses. In 2015 IEEE/ACM 1st International Workshop on Software Protection. 3–9.
[14]
R. Clercq et al.2016. SOFIA: Software and control flow integrity architecture. In 2016 Design, Automation & Test in Europe Conference & Exhibition (DATE).
[15]
R. Vaslin et al.2009. A Security Approach for Off-Chip Memory in Embedded Microprocessor Systems. Microprocess. Microsyst. (2009).
[16]
S. Kannan et al.2015. Security Vulnerabilities of Emerging Nonvolatile Main Memories and Countermeasures. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 34, 1 (2015), 2–15.
[17]
Sebastian Schrittwieser and Stefan Katzenbeisser. 2011. Code Obfuscation against Static and Dynamic Reverse Engineering. In Information Hiding. Springer Berlin Heidelberg, Berlin, Heidelberg, 270–284.
[18]
Devu Manikantan Shila, Penghe Geng, and Teems Lovett. 2016. I can detect you: Using intrusion checkers to resist malicious firmware attacks. In 2016 IEEE Symposium on Technologies for Homeland Security.
[19]
U. Guin et al.2017. SMA: A System-Level Mutual Authentication for Protecting Electronic Hardware and Firmware. IEEE Transactions on Dependable and Secure Computing 14, 3 (2017), 265–278.
[20]
X. Zhuang et al.2004. Hardware assisted control flow obfuscation for embedded processors. In Proceedings of the 2004 International Conference on Compilers, Architecture, and Synthesis for Embedded Systems.

Cited By

View all
  • (2024)FortBoot: Fortifying Rooted-in-Device-Specific Security Through Secure Booting2024 IFIP/IEEE 32nd International Conference on Very Large Scale Integration (VLSI-SoC)10.1109/VLSI-SoC62099.2024.10767821(1-4)Online publication date: 6-Oct-2024

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
GLSVLSI '24: Proceedings of the Great Lakes Symposium on VLSI 2024
June 2024
797 pages
ISBN:9798400706059
DOI:10.1145/3649476
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 June 2024

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Attestation
  2. Obfuscation
  3. Piracy
  4. Reverse Engineering.

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

GLSVLSI '24
Sponsor:
GLSVLSI '24: Great Lakes Symposium on VLSI 2024
June 12 - 14, 2024
FL, Clearwater, USA

Acceptance Rates

Overall Acceptance Rate 312 of 1,156 submissions, 27%

Upcoming Conference

GLSVLSI '25
Great Lakes Symposium on VLSI 2025
June 30 - July 2, 2025
New Orleans , LA , USA

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)79
  • Downloads (Last 6 weeks)12
Reflects downloads up to 23 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2024)FortBoot: Fortifying Rooted-in-Device-Specific Security Through Secure Booting2024 IFIP/IEEE 32nd International Conference on Very Large Scale Integration (VLSI-SoC)10.1109/VLSI-SoC62099.2024.10767821(1-4)Online publication date: 6-Oct-2024

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media