Run-time attacks against programs written in memory-unsafe programming languages (e.g., C and C++) remain a prominent threat against computer systems. Software defenses against run-time attacks can offer strong security guarantees, but their usefulness is limited by high performance overhead, or requiring significant changes to system software architecture. Consequently, deployed solutions trade off security for performance. Hardware-assisted defenses can drastically improve the efficiency of attack detection. The prevalence of advanced attack techniques (e.g, ROP) in modern run-time exploitation has prompted major processor vendors to integrate security primitives into their processor designs to thwart specific attacks efficiently.
The goal of the Hardware-assisted Runtime Protection (HARP) project is to study and develop hardware-assisted technologies that can be used to harden computer systems against modern run-time attacks. We also investigate how hardware-assisted defenses being deployed in the near future can be applied in novel ways to improve existing defenses.
- Research Topics
- Doctoral Dissertations
- Master’s Theses
- Demos & Posters
- Find us on github!
Research topics in this are include:
Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device (prover). Most existing approaches are static in nature and only check whether benign software is initially loaded on the prover. However, they are vulnerable to runtime attacks that hijack the application’s control or data flow, e.g., via return-oriented programming or data-oriented exploits.
As a concrete step towards more comprehensive runtime remote attestation, we present the design and implementation of Control- FLow ATtestation (C-FLAT)  that enables remote attestation of an application’s control-flow path, without requiring the source code. We describe a full prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone hardware security extensions. We evaluate C-FLAT’s performance using a real-world embedded (cyber-physical) application, and demonstrate its efficacy against control-flow hijacking attacks.
Software-based control-flow attestation however requires instrumentation of the attested software, which can incur high performance overheads. To overcome these limitations, in follow-up work we present LO-FAT , the first practical hardware-based approach to control-flow attestation. By leveraging existing processor hardware features and commonly-used IP blocks, our approach enables efficient control-flow attestation without requiring software instrumentation. We show that our proof-of-concept implementation based on a RISC-V SoC incurs no processor stalls and requires reasonable area overhead.
Hardware-supported Call and Return Enforcement for Commercial Microcontrollers 
With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices. Control-flow integrity (CFI) is a promising and generic defense technique against these attacks. However, given the nature of IoT deployments, existing protection mechanisms for traditional computing environments (including CFI) need to be adapted to the IoT setting. In this paper, we describe the challenges of enabling CFI on microcontroller (MCU) based IoT devices. We then present CaRE , the first interrupt-aware CFI scheme for low-end MCUs. CaRE uses a novel way of protecting the CFI metadata by leveraging TrustZone-M security extensions introduced in the ARMv8-M architecture. Its binary instrumentation approach preserves the memory layout of the target MCU software, allowing pre-built bare-metal binary code to be protected by CaRE. We describe our implementation on a Cortex-M Prototyping System and demonstrate that CaRE is secure while imposing acceptable performance and memory impact.
A variety of defenses have been proposed to mitigate attacks that exploit memory errors to hijack the control flow of the code at run-time, e.g., (fine-grained) randomization or Control Flow Integrity. However, recent work on data-oriented programming (DOP) demonstrated highly expressive (Turing-complete) attacks, even in the presence of these state-of-the-art defenses. Although multiple real-world DOP attacks have been demonstrated, no efficient defenses are yet available. We propose run-time scope enforcement (RSE) , a novel approach designed to efficiently mitigate all currently known DOP attacks by enforcing compile-time memory safety constraints (e.g., variable visibility rules) at run-time. We present HardScope , a proof-of-concept implementation of hardware-assisted RSE for the new RISC-V open instruction set architecture. We discuss our systematic empirical evaluation of HardScope which demonstrates that it can mitigate all currently known DOP attacks, and has a real-world performance overhead of 3.2% in embedded benchmarks.
The prevalence of techniques like return-oriented programming (ROP) in attacking real-world systems has prompted major processor manufacturers to design hardware-based countermeasures against specific classes of run-time attacks. An example is the recently added support for pointer authentication (PA) in the ARMv8-A processor architecture, commonly used in devices like smartphones. PA is a low-cost technique to authenticate pointers so as to resist memory vulnerabilities. It has been shown to enable practical protection against memory vulnerabilities that corrupt return addresses or function pointers. However, so far, PA has received very little attention as a general purpose protection mechanism to harden software against various classes of memory attacks.
We use PA to build novel defenses against various classes of run-time attacks, including the first PA-based mechanism for data pointer integrity. We present PARTS , an instrumentation framework that integrates our PA-based defenses into the LLVM compiler and the GNU/Linux operating system and show, via systematic evaluation, that PARTS provides better protection than current solutions at a reasonable performance overhead.
We also present authenticated call stack (ACS ), an approach that uses chained message authentication codes (MACs) to protect return address stored on the stack without requiring additional hardware support. PACStack  is a realization of ACS on the ARMv8.3-A architecture, using PA. Via a rigorous security analysis, we show that PACStack achieves security comparable to hardware-assisted shadow stacks without requiring dedicated hardware. We demonstrate that PACStack’s performance overhead is negligible (<1%).
- T. Abera, N. Asokan , L. Davi , J-E. Ekberg, T. Nyman , A. Paverd , A-R. Sadeghi and G. Tsudik: C-FLAT: Control-Flow Attestation for Embedded Systems Software. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS ’16). ACM, New York, NY, USA, 743-754.
Technical report available at: https://arxiv.org/abs/1605.07763
- G. Dessouky, S. Zeitouni, T. Nyman, A. Paverd, L. Davi, P. Koeberl, N. Asokan and A-R. Sadeghi. LO-FAT: Low-Overhead Control Flow ATtestation in Hardware. In Proceedings of the 54th Annual Design Automation Conference 2017 (DAC ’17). ACM, New York, NY, USA, Article 24, 6 pages.
Technical report available at: https://arxiv.org/abs/1706.03754
- T. Nyman, J-E. Ekberg, L. Davi and N. Asokan: CFI CaRE: Hardware-supported Call and Return Enforcement for Commercial Microcontrollers. In: Dacier M., Bailey M., Polychronakis M., Antonakakis M. (eds) Research in Attacks, Intrusions, and Defenses. RAID 2017. Lecture Notes in Computer Science, vol 10453. Springer, Cham, 259-284.
Technical report available at: https://arxiv.org/abs/1706.05715
- T. Nyman. G. Dessouky, S. Zeitouni. A. Lehikoinen, A. Paverd, N. Asokan and A-R. Sadeghi. HardScope: Thwarting DOP attacks with Hardware-assisted Run-time Scope Enforcement.
Technical report available at: https://arxiv.org/abs/1705.10295
- T. Nyman. G. Dessouky, S. Zeitouni. A. Lehikoinen, A. Paverd, N. Asokan and A-R. Sadeghi. HardScope: Hardening Embedded Systems Against Data-Oriented Attacks. In Proceedings of the 56th Annual Design Automation Conference (DAC ’19). ACM New York, USA, Article No. 63, 6 pages.
- H. Liljestrand, T. Nyman, K. Wang, C. C. Perez, J-E. Ekberg, N. Asokan. PAC it up: Towards Pointer Integrity using ARM Pointer Authentication. The 28th USENIX Security Symposium (USENIX Security ’19). Technical report available at: https://arxiv.org/abs/1811.09189
- H. Liljestrand, T. Nyman, J-E. Ekberg, N. Asokan. Late Breaking Results: Authenticated Call Stack. In Proceedings of the 56th Annual Design Automation Conference (DAC ’19). ACM New York, USA, Article No. 223, 2 pages.
- H. Liljestrand, Z. Gauhar, T. Nyman, J-E. Ekberg, N. Asokan. Protecting the stack with PACed canaries
In the 4th Workshop on System Software for Trusted Execution (SysTEX 2019)
Technical report available at: https://arxiv.org/abs/1909.05747
- H. Liljestrand, T. Nyman, L. J. Gunn, J-E. Ekberg, N. Asokan. PACStack: an Authenticated Call Stack.
To appear in the 30th USENIX Security Symposium (USENIX Security 2021). Technical report available https://arxiv.org/abs/1905.10242
- Hans Liljestrand: Hardware-assisted memory safety, Aalto University, 2020
- Thomas Nyman: Toward Hardware-assisted Run-time Protection, Aalto University, 2020
- Aaro Lehikoinen: HardScope: Run-time Variable Scope Enforcement as a Defense Against Data-oriented Programming Attacks, Helsinki University, 2017.
- Zaheer Gauhar: Pointer Authentication for Memory Protection: Stack Canaries and Beyond, Aalto University, 2019.
Demo’s & Posters
- Secure Systems Group Demo Day 2016 – C-FLAT: Control Flow Attestation for Embedded Systems Software (May 26, 2016 Aalto University, Finland) poster
- Secure Systems Group Demo Day 2017 – CFI CaRE: Hardware-supported Call and Return Enforcement for Commercial Microcontrollers
- Secure Systems Group Demo Day 2017 – Hardware enforced scoping
- Secure Systems Group Demo Day 2018 – HardScope: Hardware-assisted Run-time Scope Enforcement poster
- Secure Systems Group Demo Day 2018 – PARTS: Code- and Data-flow Integrity using ARM Pointer Authentication poster
- Secure Systems Group Demo Day 2019 – HardScope: Protecting Embedded Systems Against Data-Oriented Attacks poster
- Secure Systems Group Demo Day 2019 – PARTS: Code- and Data-flow Integrity using ARM Pointer Authentication poster
- Secure Systems Group Demo Day 2019 – PACStack: Authenticated Call Stack poster
- ACM Design Automation Conference (DAC), 2019 – Late Breaking Results: Authenticated Call Stack (June 5, 2019 – Las Vegas, NV, USA) – poster
- “Hardware-assisted run-time protection” abridged version of Sep 2019 [pdf]
- “Hardware-assisted runtime protection: Pointer Authentication and beyond”, Android Security and Privacy Research Summit (28 February, 2020, Mountain View, CA, USA) [pdf]
Find us on github!
- C-FLAT: https://github.com/control-flow-attestation/
- HardScope: https://github.com/runtime-scope-enforcement/
- Pointer Authentication: https://github.com/pointer-authentication
- PACStack: https://github.com/pacstack
- PCAN: https://github.com/pointer-authentication/PCan-LLVM