Experimental Evaluation of the Defense Capability of ARM-based Systems against Buffer Overflow Attacks in Wireless Networks
Authors: Sun Zhou, Jun Chen
Published in: 2020 IEEE 10th International Conference on Electronics Information and Emergency Communication (ICEIEC), 2020-07-01
DOI: https://doi.org/10.1109/ICEIEC49280.2020.9152302
Buffer overflow attacks are among the mainstream attacks against the ARM architecture. They may lead to consequences such as program failure or loss of system privileges. Mainstream operating systems deploy multiple defense mechanisms to mitigate such attacks. However, so far there are few reports evaluating the defense capability of ARM-based operating systems against buffer overflow attacks. In this paper, we first implemented the Runtime Intrusion Prevention Evaluator on ARM-based operating systems, which we call RIPE-ARM. The evaluator integrates 850 kinds of effective buffer overflow attacks for testing. Second, using the QEMU virtual machine, we set up an ARM-based system, Raspberry Pi, for the experiment, and then used RIPE-ARM to test and evaluate the defense capability of Raspberry Pi. We identified the kinds of attacks that each defense or defense combination can successfully prevent. Among all the defense methods, the Canary + DEP combination turns out to be optimal, causing 840 of the total 850 kinds of attacks to fail. Furthermore, for comparison, the defense capability of an Ubuntu 16.04 LTS system based on the x86 architecture was also tested. The results show that the optimal defense method of that system can prevent only 790 kinds of attacks.