CToMP:a cycle-task-oriented memory protection scheme for unmanned systems  

作　　者：Chengyan MA Ning XI Di LU Yebo FENG Jianfeng MA 

机构地区：[1]School of Cyber Engineering,Xidian University,Xi'an 710071,China [2]School of Computer Science and Technology,Xidian University,Xi'an 710071,China [3]Department of Computer and Information Science,University of Oregon,Eugene 97403,USA

出　　处：《Science China(Information Sciences)》2024年第6期395-413,共19页中国科学（信息科学）（英文版）

基　　金：supported by Key Program of the National Natural Science Foundation of China(Grant No.62232013);Fundamental Research Funds for the Central Universities(Grant Nos.ZYTS23202,YJSJ23007);Major Research Plan of the National Natural Science Foundation of China(Grant No.92267204);National Natural Science Foundation of China(Grant No.62372350);Key Research and Development Program of Shaanxi(Grant No.2023-ZDLGY-52);Key R&D Program of Shandong Province,China(Grant No.2023CXPT056);Shenzhen Science and Technology Program(Grant No.CJGJZD20220517142005013)。

摘　　要：Memory corruption attacks(MCAs)refer to malicious behaviors of system intruders that modify the contents of a memory location to disrupt the normal operation of computing systems,causing leakage of sensitive data or perturbations to ongoing processes.Unlike general-purpose systems,unmanned systems cannot deploy complete security protection schemes,due to their limitations in size,cost and performance.MCAs in unmanned systems are particularly difficult to defend against.Furthermore,MCAs have diverse and unpredictable attack interfaces in unmanned systems,severely impacting digital and physical sectors.In this paper,we first generalize,model and taxonomize MCAs found in unmanned systems currently,laying the foundation for designing a portable and general defense approach.According to different attack mechanisms,we found that MCAs are mainly categorized into two types—return2libc and return2shellcode.To tackle return2libc attacks,we model the erratic operation of unmanned systems with cycles and then propose a cycle-task-oriented memory protection(CToMP)approach to protect control flows from tampering.To defend against return2shellcode attacks,we introduce a secure process stack with a randomized memory address by leveraging the memory pool to prevent Shellcode from being executed.Moreover,we discuss the mechanism by which CTo MP resists the return-oriented programming(ROP)attack,a novel variant of return2libc attacks.Finally,we implement CTo MP on CUAV V5+with Ardupilot and Crazyflie.The evaluation and security analysis results demonstrate that the proposed approach CTo MP is resilient to various MCAs in unmanned systems with low footprints and system overhead.

关 键 词：unmanned system memory corruption attack memory protection system security randomized memory address 

分 类 号：TP333[自动化与计算机技术—计算机系统结构] TP309[自动化与计算机技术—计算机科学与技术]