Randezvous: Making Randomization Effective on MCUs
Internet-of-Things devices such as autonomous vehicular sensors, medical devices, and industrial cyber-physical systems commonly rely on small, resource-constrained microcontrollers (MCUs). MCU software is typically written in C and is prone to memory safety vulnerabilities that are exploitable by remote attackers to launch code reuse attacks and code/control data disclosure attacks.
We present Randezvous, a software diversification-based system that achieves a highly performant mitigation to such attacks and their brute force variants on ARM MCUs. Atop code/data layout randomization and an efficient execute-only code approach, Randezvous creates decoy pointers to camouflage control data in memory; code pointers residing in the stack are then protected by a diversified shadow stack, local-to-global variable promotion, and return address nullification. Furthermore, Randezvous adds a novel delayed reboot mechanism to slow down brute force attacks and mitigates control data spraying attacks via global guards. We demonstrate Randezvous's security by both statistically modeling memory-disclosure-equipped brute force attacks under Randezvous and crafting a proof-of-concept exploit that shows Randezvous's efficacy. Our evaluation of Randezvous shows low overhead on three benchmark suites and two real-world applications.