Buffer overflow attack with multiple fault injection and a proven countermeasure

Shoei Nashimoto, Naofumi Homma, Yu-Ichi Hayashi, Junko Takahashi, Hitoshi Fuji, Takafumi Aoki

Research output: Contribution to journalArticle

8 Citations (Scopus)

Abstract

In this paper, we present a hardware/software co-attack to hijack a program flow on microcontrollers. The basic idea is to skip a few instructions using multiple fault injection in microcontrollers in cooperation with a software attack. We focus on buffer overflow (BOF) attacks together with such multiple fault injection. The proposed attack can be applied to a program code with a typical software countermeasure against BOF attacks. The attack manipulates the program control flow by skipping specific instructions related to the countermeasure, and thus, the subsequent BOF attack code is successfully executed on the microcontroller. We show the effectiveness of our proposed attack through experiments using an 8-bit AVR ATmega163 microcontroller and a 32-bit ARM Cortex-M0+ microcontroller, where the target software was equipped with a countermeasure limiting the size of user input against BOF attacks. The result showed that our attack can overwrite a return address stored in a stack and call an arbitrary malicious function. We also propose a software countermeasure against our attack and prove its validity by examining all the possible instruction skips.

Original languageEnglish
Pages (from-to)35-46
Number of pages12
JournalJournal of Cryptographic Engineering
Volume7
Issue number1
DOIs
Publication statusPublished - 2017 Apr 1

Keywords

  • Buffer overflow attacks
  • Embedded processors
  • Fault injection attacks
  • Program-flow hijacking

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Buffer overflow attack with multiple fault injection and a proven countermeasure'. Together they form a unique fingerprint.

  • Cite this