Zero-Day Hardware-Supported Malware Detection of Stack Buffer Overflow Attacks: An Application Exploiting the CV32e40p RISC-V Core

The RISC-V architecture has become increasingly popular due to its open-source nature and flexibility, making it susceptible to various security attacks, such as Stack Buffer Overflow (SBO) attacks. It is crucial to effectively detect these attacks to ensure the security of RISC-V systems. This stud...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:2025 IEEE 26th Latin American Test Symposium (LATS) s. 1 - 6
Hlavní autoři: Chenet, Cristiano Pegoraro, Savino, Alessandro, Di Carlo, Stefano
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: IEEE 11.03.2025
Témata:
Accuracy
Buffer overflows
Computer architecture
Cybersecurity
Detectors
Hardware
hardware-based detection
Malware
Principal component analysis
Protection
Real-time systems
Resists
RISC-V
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:The RISC-V architecture has become increasingly popular due to its open-source nature and flexibility, making it susceptible to various security attacks, such as Stack Buffer Overflow (SBO) attacks. It is crucial to effectively detect these attacks to ensure the security of RISC-V systems. This study explores Hardware-Supported Malware Detection (HMD) techniques for identifying these security threats. Using the CV32e40p RISC-V platform, we conducted simulations to assess the effectiveness of anomaly-based HMD methods in detecting SBO attacks by analyzing hardware microarchitectural events. The findings demonstrate the potential of these approaches but also reveal significant challenges in detection performance. These elements are essential for advancing the security capabilities of HMD systems in RISC-V environments.
DOI:10.1109/LATS65346.2025.10963939