IRQDebloat: Reducing Driver Attack Surface in Embedded Devices

Zhenghao Hu, Brendan Dolan-Gavitt

    Research output: Chapter in Book/Report/Conference proceeding - Conference contribution

    Abstract

    Embedded and IoT devices often come with a wide range of hardware functionality, but any particular end user may only use some small subset of these features. However, even unused hardware features are accompanied by potentially buggy driver code, which increases the attack surface of the device. In this paper, we introduce IRQDebloat, a system for disabling unwanted hardware features through automated firmware rewriting. Building on the insight that external inputs to the system are typically delivered through interrupt requests (IRQs), IRQDebloat systematically explores the interrupt handling code in the target firmware, identifies the handler function for each peripheral, and finally rewrites target firmware to disable the handlers that correspond to undesired hardware features. In our experiments we demonstrate IRQDebloat's effectiveness and generality by identifying IRQ handlers across four different operating systems (Linux, FreeBSD, VxWorks, and RiscOS) and seven different embedded platforms, and disabling selected peripherals on real-world hardware (a Raspberry Pi and a Valve Steam Link). On the Steam Link, we survey the attack surface and find that disabling selected peripherals could block up to 44 CVEs found in the Linux kernel over the past five years.

    Original language: English (US)
    Title of host publication: Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022
    Publisher: Institute of Electrical and Electronics Engineers Inc.
    Pages: 1608-1622
    Number of pages: 15
    ISBN (Electronic): 9781665413169
    DOIs
    State: Published - 2022
    Event: 43rd IEEE Symposium on Security and Privacy, SP 2022 - San Francisco, United States
    Duration: May 23 2022 - May 26 2022

    Publication series

    Name: Proceedings - IEEE Symposium on Security and Privacy
    Volume: 2022-May
    ISSN (Print): 1081-6011

    Conference

    Conference: 43rd IEEE Symposium on Security and Privacy, SP 2022
    Country/Territory: United States
    City: San Francisco
    Period: 5/23/22 - 5/26/22

    Keywords

    • binary-analysis
    • debloating
    • embedded-security

    ASJC Scopus subject areas

    • Safety, Risk, Reliability and Quality
    • Software
    • Computer Networks and Communications
