Fine-grained Internet of Things equipment control flow protection method

A control flow protection technology for Internet of Things devices, applied in the field of Internet of Things and information security. It addresses problems such as code reuse attacks and encryption methods that are too simple, achieves precise control flow protection, improves protection security, and resolves control flow contradictions.

Active Publication Date: 2021-02-05
NANJING UNIV OF SCI & TECH +1

AI Technical Summary

Problems solved by technology

[0004] However, there are still some defects in the existing cryptography-based device control flow integrity check scheme:

1) Coarse-grained check mechanism. Since all encryption and decryption are based on the same key, these illegal return addresses can also be successfully decrypted, thereby bypassing the control flow inspection mechanism and launching code reuse attacks.

2) The encryption method is too simple.

Examples

Embodiment

[0060] In this embodiment, the system architecture of the IoT device is shown in Figure 1. A small number of hardware structures are introduced into the original architecture of the IoT device, including:

[0061] 1 PUF (Physically Unclonable Function) module, 4 registers (KEY_1, KEY_2, LEN_1, LEN_2), 1 exclusive OR unit (XOR), 1 authentication code calculation unit (HC), 1 address storage stack (SrcAddr Stack), 1 Authentication Code Verification Unit (HV).

[0062] As shown in Figure 2, the specific implementation steps of the fine-grained IoT device control flow protection method are as follows:

[0063] Step 101: IoT device initialization

[0064] Statically analyze the binary program of the device to obtain the program control flow graph (CFG) of the device, and use the PUF unit to generate the private PUF keys $k_1$ and $k_2$ of the device, stored in the KEY_1 and KEY_2 registers respectively, and at the same time set the encryption length in LEN_1 and LEN_2, which...

Abstract

The invention discloses an Internet of Things equipment control flow protection method. The control flow protection method comprises the following steps: (1) initializing equipment; (2) encrypting an instruction; (3) judging the instruction; (4) acquiring an authentication code; (5) matching the authentication code; (6) decrypting the instruction. According to the invention, a cryptography-based method is used to protect the integrity of the control flow of the execution program of the Internet of Things equipment, and the safety of the equipment during operation is effectively ensured. Through adoption of a method based on authentication code matching, protection of a return address is realized, and meanwhile, security of keys is ensured. By designing an encryption and decryption mechanism, the verification of the indirect jump instruction is realized, and the verification efficiency is improved. In addition, the design of a springboard is added, so that robustness of the scheme is greatly improved. Control flow related information is added in calculation, encryption and decryption of the authentication code, so that protection granularity is enhanced, and runtime attacks faced by the equipment can be more comprehensively defended.
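The difference between the coarse-grained check criticised in [0004] and an authentication code that includes control flow information, as an added example that is not code from the patent. It is a Python model only: HMAC-SHA256 as the code calculation, the key value, the addresses and the `Device` class are assumptions; the SrcAddr stack, HC and HV names are taken from the page.

```python
import hashlib
import hmac

# Constructed stand-in for a PUF-derived device key (the page's KEY_1 register).
K1 = bytes.fromhex("00112233445566778899aabbccddeeff")


def auth_code(key, *fields):
    """Assumed HC primitive: HMAC-SHA256 over 32-bit fields, truncated to 8 bytes."""
    msg = b"".join(f.to_bytes(4, "little") for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class Device:
    """Toy call/return model with a protected SrcAddr stack and a verify step (HV)."""

    def __init__(self, key, fine_grained):
        self.key, self.fine = key, fine_grained
        self.src_stack = []  # hardware stack of call-site addresses, not software-writable
        self.ram_stack = []  # ordinary stack: (return address, authentication code)

    def _code(self, ret_addr, src_addr):
        # Fine-grained mode binds the code to the call site; coarse mode does not.
        fields = (ret_addr, src_addr) if self.fine else (ret_addr,)
        return auth_code(self.key, *fields)

    def call(self, src_addr, ret_addr):
        self.src_stack.append(src_addr)
        self.ram_stack.append((ret_addr, self._code(ret_addr, src_addr)))

    def ret(self):
        """Pop a frame; return (return address, True if its code verifies)."""
        ret_addr, code = self.ram_stack.pop()
        expected = self._code(ret_addr, self.src_stack.pop())
        return ret_addr, hmac.compare_digest(code, expected)


def replayed_frame_accepted(fine_grained):
    """Overwrite the inner frame with an earlier valid (address, code) pair."""
    dev = Device(K1, fine_grained)
    dev.call(src_addr=0x1000, ret_addr=0x1004)  # outer call
    dev.call(src_addr=0x2000, ret_addr=0x2004)  # inner call
    dev.ram_stack[-1] = dev.ram_stack[0]        # memory corruption modelled as a copy
    return dev.ret()[1]


if __name__ == "__main__":
    print("coarse-grained accepts replay:", replayed_frame_accepted(False))
    print("fine-grained accepts replay:  ", replayed_frame_accepted(True))
```

With one key and no call-site input, any pair that was valid once verifies everywhere; adding the source address makes the same pair fail at a different call site.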

Description

Technical field

[0001] The invention belongs to the technical field of the Internet of Things and information security, and specifically relates to a control flow protection method of an Internet of Things device.

Background technique

[0002] Internet of Things (IoT) devices have been widely used in many important fields such as transportation, medicine, smart grid, smart city, industrial control, etc. However, while these IoT devices are convenient for us, they also pose a threat to user privacy and production security. IoT devices are often embedded devices with limited storage and computing resources and weak security defense capabilities. When they are connected to the Internet, the attack surface available to attackers increases, making IoT devices vulnerable to attacks. These attacks may lead to the paralysis of the industrial chain or the disclosure of private information. Runtime attacks, such as code reuse attacks, are among the most advanced attacks, which can hijack t...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/08, H04L9/32, H04L29/06, H04L9/06
CPC: H04L9/0861, H04L9/3242, H04L9/3278, H04L9/0894, H04L9/3228, H04L63/12, H04L63/1441, H04L9/0643
Inventor: 丁纬佳, 付安民, 况博裕, 俞研, 陈思
Owner NANJING UNIV OF SCI & TECH