
ETD

Digital archive of theses defended at the Università di Pisa

Thesis etd-11212018-174046

Thesis type
Master's thesis
Author
FERRI, GIULIA
Email address
giulia.ferri91@yahoo.it
URN
etd-11212018-174046
Title
Hypervising of hardware-based control flow integrity for ARM platforms
Department
INGEGNERIA DELL'INFORMAZIONE
Degree programme
EMBEDDED COMPUTING SYSTEMS
Supervisors
supervisor Prof. Buttazzo, Giorgio C.
supervisor Dott. Biondi, Alessandro
tutor Ing. Cicero, Giorgiomaria
Keywords
  • ARM
  • embedded systems
  • hypervisor
  • security
  • Trustzone
  • virtualization
Defence session date
11/12/2018
Availability
Not available for consultation
Release date
11/12/2088
Abstract
Embedded systems are being adopted in applications requiring mixed levels of criticality and security, which makes them more exposed to malicious cyber attacks. Due to resource constraints, classical IT security solutions typically cannot be implemented on embedded platforms. Moreover, since the programming languages most used for these systems are unsafe by construction, code injection attacks and/or code reuse attacks (CRAs) become more feasible. Although code injection attacks can be mitigated, CRAs, such as return-oriented programming (ROP) and jump-oriented programming (JOP), can still succeed.
Control-Flow Integrity (CFI) is one of the most widely used families of techniques for preventing CRAs; it works by monitoring the execution flow of the program.
This thesis focuses on a hardware-based CFI solution provided by the Armv8.3-A architecture, namely Pointer Authentication Code (PAC), and investigates possible approaches for integrating this technique with virtualization mechanisms, with the aim of safely managing and monitoring it.
Pointer Authentication prevents control-flow hijacking by protecting the integrity of code pointers at run time by means of short Message Authentication Codes (MACs). The code is embedded into each pointer and is used to verify the pointer's integrity before it is used.

In particular, this work aims at (i) leveraging the hardware-based isolation offered by the ARM TrustZone technology to achieve effective key management, (ii) providing attack detection that allows application-dependent reactions, and (iii) emulating the behaviour of PAC via software and/or hardware acceleration for architectures that lack hardware support for CFI.

The implementation and the investigations carried out during this work revealed interesting insights but also crucial limitations. It emerged that the Armv8.3-A architecture allows hypervising PAC with limited effort thanks to the available hardware-based support, while detecting an attack is hard to realize without introducing non-trivial run-time overhead.
Finally, emulating the behaviour of PAC in software leads to performance degradation when adopted.
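The sign-and-authenticate mechanism summarised in the abstract, and the software emulation named in aim (iii), as an added example in C that is not part of the thesis or of any ARM code. It assumes a 48-bit virtual address with a 16-bit PAC held in the unused top bits of a 64-bit pointer, and substitutes a toy keyed function (labelled as such, not the QARMA cipher the hardware uses) for the MAC; pac_sign, pac_auth, toy_mac and pac_selftest are names chosen for this example, and all key, address and stack-pointer values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout for this example: 48-bit virtual address, 16-bit PAC
   stored in the otherwise unused top bits of a 64-bit pointer. */
#define VA_BITS  48
#define PAC_BITS (64 - VA_BITS)
#define VA_MASK  ((UINT64_C(1) << VA_BITS) - 1)

typedef struct { uint64_t k0, k1; } pac_key_t;   /* 128-bit key, as in PAC */

/* Toy keyed function standing in for the hardware MAC (QARMA on Armv8.3-A).
   It is NOT secure: the fold is linear, so it only illustrates the mechanism.
   The final scramble is a bijection on 16-bit values, so any change in the
   folded input is guaranteed to change the tag. */
static uint16_t toy_mac(uint64_t addr, uint64_t modifier, const pac_key_t *key)
{
    uint64_t x = addr ^ modifier ^ key->k0;
    uint16_t v = (uint16_t)(x ^ (x >> 16) ^ (x >> 32) ^ (x >> 48));  /* 64 -> 16 bits */
    v ^= (uint16_t)key->k1;
    v *= 0x9E37u; v ^= v >> 7;   /* odd multiply and xorshift are invertible mod 2^16 */
    v *= 0xD8F3u; v ^= v >> 5;
    return v;
}

/* PACxx analogue: tag (address, modifier) and embed the tag in the top bits.
   The modifier (e.g. the stack pointer for a return address) binds the tag
   to one context, so a pointer signed in one frame is not valid in another. */
static uint64_t pac_sign(uint64_t addr, uint64_t modifier, const pac_key_t *key)
{
    uint64_t va = addr & VA_MASK;
    return va | ((uint64_t)toy_mac(va, modifier, key) << VA_BITS);
}

/* AUTxx analogue: recompute the tag and compare. On success *out receives the
   plain address; on failure the pointer is rejected (hardware would instead
   produce a poisoned address that faults on use, or trap directly). */
static bool pac_auth(uint64_t signed_ptr, uint64_t modifier, const pac_key_t *key,
                     uint64_t *out)
{
    uint64_t va = signed_ptr & VA_MASK;
    uint16_t expected = toy_mac(va, modifier, key);
    uint16_t got = (uint16_t)(signed_ptr >> VA_BITS);
    if (expected != got)
        return false;          /* tampered address, wrong context, or wrong key */
    *out = va;
    return true;
}

/* Self-check used by main(): returns 1 when every expected outcome holds.
   Constructed sample values: a key the TrustZone side would own, a return
   address, and the stack pointer used as modifier. */
static int pac_selftest(void)
{
    pac_key_t key   = { UINT64_C(0x0123456789ABCDEF), UINT64_C(0xFEDCBA9876543210) };
    pac_key_t other = { UINT64_C(0x0123456789ABCDEE), key.k1 };   /* differs in one bit */
    uint64_t ret_addr = UINT64_C(0x00007F1234567890);
    uint64_t sp = UINT64_C(0x00007FFFFFFFE000);
    uint64_t out = 0;
    uint64_t s = pac_sign(ret_addr, sp, &key);

    int ok = pac_auth(s, sp, &key, &out) && out == ret_addr;   /* genuine pointer passes */
    ok = ok && !pac_auth(s ^ 0x10, sp, &key, &out);            /* one address bit flipped */
    ok = ok && !pac_auth(s, sp + 0x100, &key, &out);           /* reused in another frame */
    ok = ok && !pac_auth(s, sp, &other, &out);                 /* wrong key */
    return ok;
}

int main(void)
{
    pac_key_t key = { UINT64_C(0x0123456789ABCDEF), UINT64_C(0xFEDCBA9876543210) };
    uint64_t s = pac_sign(UINT64_C(0x00007F1234567890), UINT64_C(0x00007FFFFFFFE000), &key);
    printf("signed pointer: 0x%016llx\n", (unsigned long long)s);
    printf("self-test %s\n", pac_selftest() ? "passed" : "FAILED");
    return pac_selftest() ? 0 : 1;
}
```

The point of keeping the key out of the signing code's reach (here just a struct, in the thesis the TrustZone side) is that pac_auth rejects a pointer whose address, context or key differ, while the code being protected never handles the key itself; a software emulation of this kind also shows where the run-time cost mentioned in the abstract comes from, since every indirect call or return pays for one tag computation.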
File