Zero-Day Hardware-Supported Malware Detection of Stack Buffer Overflow Attacks: An Application Exploiting the CV32e40p RISC-V Core

The RISC-V architecture has become increasingly popular due to its open-source nature and flexibility, making it susceptible to various security attacks, such as Stack Buffer Overflow (SBO) attacks. It is crucial to effectively detect these attacks to ensure the security of RISC-V systems. This stud...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:2025 IEEE 26th Latin American Test Symposium (LATS) s. 1 - 6
Hlavní autori: Chenet, Cristiano Pegoraro, Savino, Alessandro, Di Carlo, Stefano
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: IEEE 11.03.2025
Predmet:
Accuracy
Buffer overflows
Computer architecture
Cybersecurity
Detectors
Hardware
hardware-based detection
Malware
Principal component analysis
Protection
Real-time systems
Resists
RISC-V
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:The RISC-V architecture has become increasingly popular due to its open-source nature and flexibility, making it susceptible to various security attacks, such as Stack Buffer Overflow (SBO) attacks. It is crucial to effectively detect these attacks to ensure the security of RISC-V systems. This study explores Hardware-Supported Malware Detection (HMD) techniques for identifying these security threats. Using the CV32e40p RISC-V platform, we conducted simulations to assess the effectiveness of anomaly-based HMD methods in detecting SBO attacks by analyzing hardware microarchitectural events. The findings demonstrate the potential of these approaches but also reveal significant challenges in detection performance. These elements are essential for advancing the security capabilities of HMD systems in RISC-V environments.
DOI:10.1109/LATS65346.2025.10963939