Customized Instructions for Protection Against Memory Integrity Attacks

摘要

Customized instructions have typically been used for enhancing the performance of embedded systems. However, the use of finding dedicated instructions for security has been rather limited. On the contrary, modern processors are crippled by the threats of memory integrity attacks, which typically target the control flow of a program and are mitigated at the software level. In this letter, we analyze the memory exploitation codes being developed as a part of the Cyber Security Awareness Week-2016 competition, which are based on unsecurednmemcpynand return address modification by buffer overflow on OpenRISC and RISC-V architectures, and implement protections at the hardware level. We added eight new instructions to handle the four exploits by designing dedicated hardware stack and a module for checking against buffer overflow. We have also performed a validation on RISC-V platform and introduced two new custom instructions to ensure security from unboundednmemcpyn. The proposed countermeasures and the new instructions are validated on field programmable gate array platform.