SPINS: security protocols for sensor networks
Proceedings of the 7th annual international conference on Mobile computing and networking
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Using Memory Errors to Attack a Virtual Machine
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Randomized instruction set emulation to disrupt binary code injection attacks
Proceedings of the 10th ACM conference on Computer and communications security
Obfuscation of executable code to improve resistance to static disassembly
Proceedings of the 10th ACM conference on Computer and communications security
The dynamic behavior of a data dissemination protocol for network programming at scale
SenSys '04 Proceedings of the 2nd international conference on Embedded networked sensor systems
TinySec: a link layer security architecture for wireless sensor networks
SenSys '04 Proceedings of the 2nd international conference on Embedded networked sensor systems
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Harbor: software-based memory protection for sensor nodes
Proceedings of the 6th international conference on Information processing in sensor networks
Static analysis of executables to detect malicious patterns
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Automating mimicry attacks using static binary analysis
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Towards self-propagate mal-packets in sensor networks
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Improving sensor network immunity under worm attacks: a software diversity approach
Proceedings of the 9th ACM international symposium on Mobile ad hoc networking and computing
Code injection attacks on harvard-architecture devices
Proceedings of the 15th ACM conference on Computer and communications security
On the difficulty of software-based attestation of embedded devices
Proceedings of the 16th ACM conference on Computer and communications security
| Hi-index | 0.00 |
Since sensors do not have a sophisticated hardware architecture or an operating system to manage code for safety, attacks injecting code to exploit memory-related vulnerabilities can present threats to sensor applications. In a sensor's simple memory architecture, injected code can alter the control flow of a sensor application to either misuse existing routines or download other malicious code to achieve attacks. To protect the control flow, this paper proposes a self-healing scheme that can detect attacks attempting to alter the control flow and then recover sensor applications to normal operations with minimum overhead. The self-healing scheme embeds diversified protection code at particular locations to enforce access control in program memory. Both the access control code and the recovery code are designed to be resilient to control flow attacks that attempt to evade the protection. Furthermore, the self-healing scheme directly processes application code at the machine instruction level, instead of performing control or data analysis on source code. The implementation and evaluation show that the self-healing scheme is lightweight in protecting sensor applications.