Zero-Day Hardware-Supported Malware Detection of Stack Buffer Overflow Attacks: An Application Exploiting the CV32e40p RISC-V Core

The RISC-V architecture has become increasingly popular due to its open-source nature and flexibility, making it susceptible to various security attacks, such as Stack Buffer Overflow (SBO) attacks. It is crucial to effectively detect these attacks to ensure the security of RISC-V systems. This stud...

Full description

Saved in:
Bibliographic Details
Published in:2025 IEEE 26th Latin American Test Symposium (LATS) pp. 1 - 6
Main Authors: Chenet, Cristiano Pegoraro, Savino, Alessandro, Di Carlo, Stefano
Format: Conference Proceeding
Language:English
Published: IEEE 11.03.2025
Subjects:
Accuracy
Buffer overflows
Computer architecture
Cybersecurity
Detectors
Hardware
hardware-based detection
Malware
Principal component analysis
Protection
Real-time systems
Resists
RISC-V
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The RISC-V architecture has become increasingly popular due to its open-source nature and flexibility, making it susceptible to various security attacks, such as Stack Buffer Overflow (SBO) attacks. It is crucial to effectively detect these attacks to ensure the security of RISC-V systems. This study explores Hardware-Supported Malware Detection (HMD) techniques for identifying these security threats. Using the CV32e40p RISC-V platform, we conducted simulations to assess the effectiveness of anomaly-based HMD methods in detecting SBO attacks by analyzing hardware microarchitectural events. The findings demonstrate the potential of these approaches but also reveal significant challenges in detection performance. These elements are essential for advancing the security capabilities of HMD systems in RISC-V environments.
DOI:10.1109/LATS65346.2025.10963939