Inter-Process CFI for Peer/Reciprocal Monitoring in RISC-V-Based Binaries

Bibliographic Details
Published in European Conference on Cyber Warfare and Security pp. 605 - VIII
Main Authors Oyinloye, Toyosi; Speakman, Lee; Eze, Thaddeus
Format Conference Proceeding
Language English
Published Reading Academic Conferences International Limited 01.06.2021
Summary: Attacks stemming from software vulnerabilities that cause memory corruption often result in control flow hijacks and hold a place of notoriety in software exploitation. Attackers take advantage of vulnerabilities due to programming flaws to execute malicious code for redirecting the intended execution flow of applications. Existing defences offer limited protection due to their specificity to system architecture, operating systems or hardware requirements and are often circumvented by increasingly sophisticated attack techniques. This paper focuses on securing applications that are built on and run on the Reduced Instruction Set Computer Five (RISC-V, pronounced risk-five) architecture, which is fast becoming popular on embedded devices such as smartphones, tablets, or other Internet of Things devices. Studies have revealed different threats that could emerge in an environment that is based on RISC-V architecture, drawing attention to growing demands for more resilient protections for RISC-V binaries. A concept based on Control Flow Integrity (CFI) appears to give promising solutions to control flow hijacks via various forms of implementation. The innovation in this research proposes an implementation of CFI with scrambled labels and logging of rogue attempts on vulnerable RISC-V-based applications. This would subsequently be extended for peer/reciprocal monitoring between similar binaries on RISC-V platforms.
DOI: 10.34190/EWS.21.115