Binary protection framework for embedded systems

Embedded systems empower many products and are used in a variety of applications ranging from smart homes to modern cars. Respective technologies enable new functional features and at the same time improve also non-functional aspects like environmental efficiency. Especially, their inter-connection and coupling with existing networks – in particular to the Internet – allow for an unprecedented boost. However, at the same time security concerns emerge since respective security breaches may have dire consequences ranging from malfunctions, theft, tampering of intellectual property up to threats of safety. This paper presents a generic protection framework for binary file images. The focus of the framework is on hindering reverse engineering and to ensure integrity of embedded systems software. It is designed to be applied in a post-development stage and can be used to add/improve security features of existing products in a number of ways. The concept, a proof-of-concept implementation as well as several key features, such as an in-memory library, a userland-exec implementation, and antidebugging & anti-tampering mechanisms are elaborated.

[1]  Ronald Petrlic Integrity Protection for Automated Teller Machines , 2011, 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.

[2]  Mafaz Mohsin Khalil Al-Anezi,et al.  Generic Packing Detection using Several Complexity Analysis for Accurate Malware Detection , 2014 .

[3]  Claudio Cubillos,et al.  Obfuscation procedure based in dead code insertion into crypter , 2016, 2016 6th International Conference on Computers Communications and Control (ICCCC).

[4]  Barton P. Miller,et al.  Binary-code obfuscations in prevalent packer tools , 2013, CSUR.

[5]  Ricardo Neisse,et al.  Enforcement of security policy rules for the Internet of Things , 2014, 2014 IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[6]  Robert R. Moeller Information Security: Basic to Specialized Topics , 1993, Inf. Secur. J. A Glob. Perspect..

[7]  Tim Ring,et al.  Connected cars - the next targe tfor hackers , 2015, Netw. Secur..

[8]  Nektarios Georgios Tsoutsos,et al.  SGXCrypter: IP protection for portable executables using Intel's SGX technology , 2017, 2017 22nd Asia and South Pacific Design Automation Conference (ASP-DAC).

[9]  A. One,et al.  Smashing The Stack For Fun And Profit , 1996 .

[10]  Meikang Qiu,et al.  Security protection and checking for embedded system integration against buffer overflow attacks via hardware/software , 2006, IEEE Transactions on Computers.

[11]  Felix C. Freiling,et al.  Soteria: Offline Software Protection within Low-cost Embedded Devices , 2015, ACSAC.

[12]  Nirwan Ansari,et al.  Revealing Packed Malware , 2008, IEEE Security & Privacy.

[13]  James H. Cross,et al.  Reverse engineering and design recovery: a taxonomy , 1990, IEEE Software.

[14]  Frank Piessens,et al.  Protected Software Module Architectures , 2013, ISSE.

[15]  Philip A. Wilsey,et al.  Design and Performance Evaluation of Binary Code Packing for Protecting Embedded Software against Reverse Engineering , 2010, 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing.

[16]  Vijay Varadharajan,et al.  TrustLite: a security architecture for tiny embedded devices , 2014, EuroSys '14.

[17]  Dennis G. Abraham,et al.  Transaction Security System , 1991, IBM Syst. J..