Protection against code exploitation using ROP and check-summing in IoT environment

Abstract

The operations of devices in automated, possibly in hostile environments, puts the dependability and reliability of the IoT systems at stake. More specifically, adversaries may tamper with the devices, tamper with sensor values triggering false alarms, instrument the data gathering and overall operation to their own interest. Protecting integrity and confidentiality of IoT devices from tampering attempts is a big challenge. Protection against code tampering is the focal point of this research. This paper entails a contemporary methodology to guard the code against exploitation. The approach focuses on a novel distributed solution by which the tamper resistance of the program code is magnified by the inclusion of two modules that work in tandem with each other. These security modules employ Return Oriented Programming (ROP) techniques and code check-summing techniques to protect critical pieces of code. When working together they provide dual lines of defence to the critical piece of code where the malicious entity has to bypass both the modules in order to tamper the critical piece of code thereby hardening the overall security and increasing the cost of exploitation drastically making it infeasible to mount an attack on IoT devices.