From Prey to Hunter: Transforming Legacy Embedded Devices into Exploitation Sensor Grids

Ang Cui; Jatin Kataria; Salvatore Stolfo

Title:
From Prey to Hunter: Transforming Legacy Embedded Devices into Exploitation Sensor Grids
Author(s):
Cui, Ang
Kataria, Jatin
Stolfo, Salvatore
Date:
Type:
Articles
Department:
Computer Science
Permanent URL:
Book/Journal Title:
Proceedings of the 27th Annual Computer Security Applications Conference
Publisher:
ACM
Publisher Location:
New York
Abstract:
Our global communication infrastructures are powered by large numbers of legacy embedded devices. Recent advances in offensive technologies targeting embedded systems have shown that the stealthy exploitation of high-value embedded devices such as routers and firewalls is indeed feasible. However, little to no host-based defensive technology is available to monitor and protect these devices, leaving large numbers of critical devices defenseless against exploitation. We devised a method of augmenting legacy embedded devices, like Cisco routers, with host-based defenses in order to create a stealthy, embedded sensor-grid capable of monitoring and capturing real-world attacks against the devices which constitute the bulk of the Internet substrate. Using a software mechanism which we call the Symbiote, a white-list based code modification detector is automatically injected in situ into Cisco IOS, producing a fully functional router firmware capable of detecting and capturing successful attacks against itself for analysis. Using the Symbiote-protected router as the main component, we designed a sensor system which requires no modification to existing hardware, fully preserves the functionality of the original firmware, and detects unauthorized modification of memory within 450 ms. We believe that it is feasible to use the techniques described in this paper to inject monitoring and defensive capability into existing routers to create an early attack warning system to protect the Internet substrate.
Subject(s):
Computer science
Publisher DOI:
http://dx.doi.org/10.1145/2076732.2076788