Experimental Evaluation of the Defense Capability of ARM-based Systems against Buffer Overflow Attacks in Wireless Networks

Abstract

Buffer overflow attack is one of the mainstream attacks towards the ARM architecture. It may lead to consequences such as program failure or system privileges loss. The mainstream operating systems deploy multiple defense mechanisms to mitigate such attacks. However, so far there are few reports on evaluation of the defense capability of ARM-based operating systems from buffer overflow attacks. In this paper, firstly, we implemented the Runtime Intrusion Prevention Evaluator on ARM-based operating systems, which we called RIPE-ARM. In that evaluator, 850 kinds of effective buffer overflow attacks are integrated for test. Secondly, by using the QEMU virtual machine, an ARM-based system, Raspberry Pi, was set up for the experiment; and then, the RIPE-ARM was used to test and evaluate the defense capability of Raspberry Pi. We identified the kinds of attacks that each defense or defense combination can successfully prevent, respectively. Among all the defense methods, the Canary + DEP combination turns out to be optimal that is able to make 840 out of the total 850 kinds of attacks fail. Furthermore, for comparison, the defense capability of Ubuntu 16.04 LTS system based on X86 architecture was also tested. The results show that the optimal defense method of that system can prevent only 790 attack kinds.