The rest of this paper is organized as follows.
Section 2 discusses the related work. Section 3
describes the motivation. Section 4 presents the
monitoring architecture in detail. Section 5 provides
the security analysis of the proposed mechanism.
Section 6 shows the experimental analysis. Section 7
concludes this paper.
Related Work
The security protection methods have been
greatly increased over the past decades. The related
software-based and hardware-based techniques are
examined as below. 本文来自辣.文,论-文·网原文请找腾讯3249.114
The software-based approaches used to be the
main methods for detecting and preventing exploits.
Abadi et al [1] propose a software technique to
monitor the control flow. It derives the control flow
graph (CFG) of a program using static analysis and
enforces the CFG check at runtime. StackGuard[2]
recompiles the source code to place a random word
on the stack to prevent return address corruption
resulted from stack overflow. In [3], the author
presents a self-checking technique which uses digital
signaturesto help identify whether application code
has been modified to destroy the integrity at runtime.
Recently, hardware-based approaches become
the state-of-the-art method. Yunsi Fei et al.[4]
proposed a micro-architectural monitoring module to
monitor the code integrity. The AEGIS[5] presents
techniques for control-flow and code tampering
prevention. Zhang et al. [6] proposed a secure coprocessor for monitoring kernel data structures, but it
is too expensive to be used for resource restricted
embedded systems. Arora [7] presents a hardware
control flow monitor to enhance embedded system
security. CODESSEAL[8] uses compiler inserting
signature to the object file, and the runtime
reconfigurable FPGA logic validate the application
execution at a cache block level. REM.[9] propose an
architectural mechanism to prevent malicious code
execution.
From the application data protection perspective,
many technologies are also proposed. In [10], the
author presents a hardware/software approach to
secure the application data. Their work enhances the
memory hierarchy to represent the attributes of each
datum as security tags, and adds a configurable
hardware checker that interprets the semantics of the
上一页 [1] [2] [3] [4] [5] [6] 下一页
COMPILER/HARDWARE ASSISTED APPLICATION CODE AND DATA SECURITY IN EMBEDDED SYSTEMS 第3页下载如图片无法显示或论文不完整,请联系qq752018766
