本文
No.2(2007)4.A software-based approach for improving security of embedded Linux systems using dynamic linkers
Mamoru Ohara, Hiroshi Okano
Growing number of embedded systems are connected to the Internet recently. For example, we can read E-mails and browse home pages with the digital TVs. Today, we have to consider the network security of such networked embedded systems. Traditional security techniques used in PCs are often too complicated to apply them to the embedded systems because the embedded systems are usually poor in hardware resources. We also have difficulties in developing general-purpose secure hardware for the embedded systems due to the wide variety of their hardware constructions. In this paper, we propose a software approach to improve network security of the embedded systems. We made alternations to a Linux dynamic linker, which is a part of the programming language processors, so that the linker dynamically modifies codes in insecure programs just before running them. We implemented the dynamic linker for a testbed system consisting of the ARM processor and embedded Linux and examined the effectiveness of the proposed technique by running some programs having buffer-overflow vulnerabilities. We could confirm that the dynamic linker could detect the attacks to the vulnerabilities and gracefully handle them.
Keywords
embedded systems, embedded Linux, security, stack-smashing attacks, dynamic linkers
