Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

Watchdog Monitoring for Detecting and Handling of Control Flow Hijack on RISC-V-based Binaries

Author 1: Toyosi Oyinloye
Author 2: Lee Speakman
Author 3: Thaddeus Eze
Author 4: Lucas O’Mahony

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2022.0130896

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 13 Issue 8, 2022.

Abstract: Control flow hijacking has been a major challenge in software security. Several means of protections have been developed but insecurities persist. This is because existing protections have sometimes been circumvented while some resilient protections do not cover all applications. Studies have revealed that a holistic way of tackling software insecurity could involve watchdog monitoring and detection via Control Flow Integrity (CFI). The CFI concept has shown a good measure of reliability to mitigate control flow hijacking. However, sophisticated attack techniques in the form of Return Oriented Programming (ROP) have persisted. A flexible protection is desirable, which not only covers as many architecture structures as possible but also mitigates known resilient attacks like ROP. The solution proffered here is a hybrid of CFI and watchdog timing via inter-process signaling (IP-CFI). It is a software-based protection that involves recompilation of the target program. The implementation here is on vulnerable RISC-V-based process but is flexible and could be adapted on other architectures. We present a proof of concept in IP-CFI which when applied to a vulnerable program, ROP is mitigated. The target program incurs a run-time overhead of 1.5%. The code is available.

Keywords: Watchdog; return oriented programming; RISC-V; control flow integrity; software security

Toyosi Oyinloye, Lee Speakman, Thaddeus Eze and Lucas O’Mahony, “Watchdog Monitoring for Detecting and Handling of Control Flow Hijack on RISC-V-based Binaries” International Journal of Advanced Computer Science and Applications(IJACSA), 13(8), 2022. http://dx.doi.org/10.14569/IJACSA.2022.0130896

@article{Oyinloye2022,
title = {Watchdog Monitoring for Detecting and Handling of Control Flow Hijack on RISC-V-based Binaries},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2022.0130896},
url = {http://dx.doi.org/10.14569/IJACSA.2022.0130896},
year = {2022},
publisher = {The Science and Information Organization},
volume = {13},
number = {8},
author = {Toyosi Oyinloye and Lee Speakman and Thaddeus Eze and Lucas O’Mahony}
}

IJACSA

Upcoming Conferences

Future of Information and Communication Conference (FICC) 2023

2-3 March 2023

Computing Conference 2023

22-23 June 2023

IntelliSys 2023

7-8 September 2023

Future Technologies Conference (FTC) 2023

2-3 November 2023