Code Decoupling Execution Isolating Based on TF Card Firmware Extension

Zhiwei Shi; Tian Chen; Yuan Xue; Yuanzhang Li; Quanxin Zhang; Yu An Tan; Jingjing Hu

doi:10.1109/DSC53577.2021.00063

Code Decoupling Execution Isolating Based on TF Card Firmware Extension

Zhiwei Shi, Tian Chen, Yuan Xue^*, Yuanzhang Li, Quanxin Zhang, Yu An Tan, Jingjing Hu

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Currently, most of the research on code protection is focused on a single execution domain. The penetration and cracking means for this single execution environment pose great challenges to the secure execution of the code. For example, fuzzy testing and symbolic execution can effectively discover code vulnerabilities. Page execution attribute protection can be bypassed using the Return-oriented programming (ROP) attack or other ways. This paper proposes an asymmetric heterogeneous execution environment based on TF card firmware extension for the secure code. By modifying the TF card firmware to decouple the security-critical code to the host CPU and a TF card controller, the critical code runs separately in two or more execution environments. It can effectively fight against the penetration for a single execution environment, enhance the anti-analysis, anti-penetration and anti-cracking abilities, and provide reliable protection for the operation of core critical devices, including servers and embedded systems.

Original language	English
Title of host publication	Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	403-408
Number of pages	6
ISBN (Electronic)	9781665418157
DOIs	https://doi.org/10.1109/DSC53577.2021.00063
Publication status	Published - 2021
Event	6th IEEE International Conference on Data Science in Cyberspace, DSC 2021 - ShenZhen, China Duration: 9 Oct 2021 → 11 Oct 2021

Publication series

Name	Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021

Conference

Conference	6th IEEE International Conference on Data Science in Cyberspace, DSC 2021
Country/Territory	China
City	ShenZhen
Period	9/10/21 → 11/10/21

Keywords

TF card firmware extension
asymmetric heterogeneous
decoupling
execution environment
secure code

Access to Document

10.1109/DSC53577.2021.00063

Cite this

Shi, Z., Chen, T., Xue, Y., Li, Y., Zhang, Q., Tan, Y. A., & Hu, J. (2021). Code Decoupling Execution Isolating Based on TF Card Firmware Extension. In Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021 (pp. 403-408). (Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DSC53577.2021.00063

Shi, Zhiwei ; Chen, Tian ; Xue, Yuan et al. / Code Decoupling Execution Isolating Based on TF Card Firmware Extension. Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021. Institute of Electrical and Electronics Engineers Inc., 2021. pp. 403-408 (Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021).

@inproceedings{ced4bd53829749a9b56785b1ece8f106,

title = "Code Decoupling Execution Isolating Based on TF Card Firmware Extension",

abstract = "Currently, most of the research on code protection is focused on a single execution domain. The penetration and cracking means for this single execution environment pose great challenges to the secure execution of the code. For example, fuzzy testing and symbolic execution can effectively discover code vulnerabilities. Page execution attribute protection can be bypassed using the Return-oriented programming (ROP) attack or other ways. This paper proposes an asymmetric heterogeneous execution environment based on TF card firmware extension for the secure code. By modifying the TF card firmware to decouple the security-critical code to the host CPU and a TF card controller, the critical code runs separately in two or more execution environments. It can effectively fight against the penetration for a single execution environment, enhance the anti-analysis, anti-penetration and anti-cracking abilities, and provide reliable protection for the operation of core critical devices, including servers and embedded systems.",

keywords = "TF card firmware extension, asymmetric heterogeneous, decoupling, execution environment, secure code",

author = "Zhiwei Shi and Tian Chen and Yuan Xue and Yuanzhang Li and Quanxin Zhang and Tan, {Yu An} and Jingjing Hu",

note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 6th IEEE International Conference on Data Science in Cyberspace, DSC 2021 ; Conference date: 09-10-2021 Through 11-10-2021",

year = "2021",

doi = "10.1109/DSC53577.2021.00063",

language = "English",

series = "Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "403--408",

booktitle = "Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021",

address = "United States",

}

Shi, Z, Chen, T, Xue, Y, Li, Y , Zhang, Q , Tan, YA & Hu, J 2021, Code Decoupling Execution Isolating Based on TF Card Firmware Extension. in Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021. Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021, Institute of Electrical and Electronics Engineers Inc., pp. 403-408, 6th IEEE International Conference on Data Science in Cyberspace, DSC 2021, ShenZhen, China, 9/10/21. https://doi.org/10.1109/DSC53577.2021.00063

Code Decoupling Execution Isolating Based on TF Card Firmware Extension. / Shi, Zhiwei; Chen, Tian; Xue, Yuan et al.
Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021. Institute of Electrical and Electronics Engineers Inc., 2021. p. 403-408 (Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Code Decoupling Execution Isolating Based on TF Card Firmware Extension

AU - Shi, Zhiwei

AU - Chen, Tian

AU - Xue, Yuan

AU - Li, Yuanzhang

AU - Zhang, Quanxin

AU - Tan, Yu An

AU - Hu, Jingjing

PY - 2021

Y1 - 2021

N2 - Currently, most of the research on code protection is focused on a single execution domain. The penetration and cracking means for this single execution environment pose great challenges to the secure execution of the code. For example, fuzzy testing and symbolic execution can effectively discover code vulnerabilities. Page execution attribute protection can be bypassed using the Return-oriented programming (ROP) attack or other ways. This paper proposes an asymmetric heterogeneous execution environment based on TF card firmware extension for the secure code. By modifying the TF card firmware to decouple the security-critical code to the host CPU and a TF card controller, the critical code runs separately in two or more execution environments. It can effectively fight against the penetration for a single execution environment, enhance the anti-analysis, anti-penetration and anti-cracking abilities, and provide reliable protection for the operation of core critical devices, including servers and embedded systems.

AB - Currently, most of the research on code protection is focused on a single execution domain. The penetration and cracking means for this single execution environment pose great challenges to the secure execution of the code. For example, fuzzy testing and symbolic execution can effectively discover code vulnerabilities. Page execution attribute protection can be bypassed using the Return-oriented programming (ROP) attack or other ways. This paper proposes an asymmetric heterogeneous execution environment based on TF card firmware extension for the secure code. By modifying the TF card firmware to decouple the security-critical code to the host CPU and a TF card controller, the critical code runs separately in two or more execution environments. It can effectively fight against the penetration for a single execution environment, enhance the anti-analysis, anti-penetration and anti-cracking abilities, and provide reliable protection for the operation of core critical devices, including servers and embedded systems.

KW - TF card firmware extension

KW - asymmetric heterogeneous

KW - decoupling

KW - execution environment

KW - secure code

UR - http://www.scopus.com/inward/record.url?scp=85128741284&partnerID=8YFLogxK

U2 - 10.1109/DSC53577.2021.00063

DO - 10.1109/DSC53577.2021.00063

M3 - Conference contribution

AN - SCOPUS:85128741284

T3 - Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021

SP - 403

EP - 408

BT - Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 6th IEEE International Conference on Data Science in Cyberspace, DSC 2021

Y2 - 9 October 2021 through 11 October 2021

ER -

Shi Z, Chen T, Xue Y, Li Y , Zhang Q , Tan YA et al. Code Decoupling Execution Isolating Based on TF Card Firmware Extension. In Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021. Institute of Electrical and Electronics Engineers Inc. 2021. p. 403-408. (Proceedings - 2021 IEEE 6th International Conference on Data Science in Cyberspace, DSC 2021). doi: 10.1109/DSC53577.2021.00063

Code Decoupling Execution Isolating Based on TF Card Firmware Extension

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this