Abstract: Return-oriented programming (ROP) has emerged as a great threat to modern embedded systems. ROP attacks can be used to either bypass credential verification or modify RAM contents. In this letter, we introduce a simple side-channel technique for run-time ROP detection. We use the processor's power consumption pattern as an indicator of potential ROP attacks, an approach that can be deployed across different platforms. We avoid the computational complexity of training machine learning models by using a simple linear comparison algorithm that compares known and unknown power patterns to discern anomalies. For evaluation, we implement both ROP attacks in multiple scenarios on benchmarks with various complexity levels. We demonstrate the robustness of our approach and also outline some potential overheads that it incurs for run-time ROP detection.