tags and enforces the desired security policies.
Gelbart[11] presents an architectural support for
securing application data integrity. Their scheme can
protect the application data from physical attacks.
PE-ICE[12] enables to guarantee confidentiality and
integrity of data exchanged between the safe SoC
and its external memory.
Motivation
In this section, we will illustrate the software
vulnerabilities and physical attacks on application
code and data.
Buffer[16]
sfp
ret
*str 本文来自辣.文,论-文·网
Malicious
code
Stack growth
Overflow
--------------------------------void function(char *str)
{
char buffer[16];
strcpy(buffer,str);
}
void main()
{
char large_string[256];
int i;
for( i = 0; i < 255; i++)
large_string[i] = 'A';
function(large_string);
}原文请找腾讯752018766
--------------------------------……
(a) (b)
Figure 1. Stack Smashing Attack and its Stack
Structure
In software attacks, the attacker exploits
software vulnerabilities that presented in the
“trusted” application (e.g.,OS) to launch attacks.
Figure 1(a) illustrates a typical smashing attack.
Function() uses strcpy() to copy the large_string[]
into local buffer. Since strcpy() does not verify
whether the input exceeds the buffer size, an attacker
can overflow the buffer[] to overwrite the return
address(ret) and previous frame pointer(fp).
Figure 1(b) shows its stack structure. By careful
design, an attacker can make the return address point
to the malicious code as shown in Figure 1(b). After
the program returns, the normal control flow will be
interrupted to execute the malicious code. A variation
of this kind of attacks overflows the previous fp only.
Since previous fp will point to the stack frame of
main() after returning from function(), a similar
attack can be activated when the program returns
from main()
上一页 [1] [2] [3] [4] [5] [6] 下一页
COMPILER/HARDWARE ASSISTED APPLICATION CODE AND DATA SECURITY IN EMBEDDED SYSTEMS 第4页下载如图片无法显示或论文不完整,请联系qq752018766
