Prevention Method for Stack Buffer Overflow Attack in TA Command Calls in OP-TEE

Shiba, Kaito; Kuzuno, Hiroki; Yamauchi, Toshihiro

doi:10.1109/candarw60564.2023.00052

Permalink : https://ousar.lib.okayama-u.ac.jp/68934

ID	68934
著者	Shiba, Kaito Graduate School of Natural Science and Technology, Okayama University Kuzuno, Hiroki Graduate School of Engineering, Kobe University Yamauchi, Toshihiro Faculty of Environmental, Life, Natural Science and Technology, Okayama University ORCID Kaken ID publons researchmap
抄録	TEE systems provide normal world and secure world. It is impossible to gain access to the secure world directly from the normal world. However, vulnerabilities in the secure world can cause attacks to compromise the secure world. In this study, we investigate the security features applied to trusted applications (TA) in OP-TEE and clarify the lack of protection against stack buffer overflow in TA command calls. We also propose a method for preventing attacks that exploit stack buffer overflows in TA command calls. In addition, the experimental results show that attacks on the vulnerable TAs can be prevented with the proposed method and the overhead can be evaluated.
キーワード	Trusted execution environment Stack overflow prevention method System security
備考	© 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. This fulltext file will be available in Feb. 2026.
発行日	2023-11-27
出版物タイトル	2023 Eleventh International Symposium on Computing and Networking Workshops (CANDARW)
出版者	IEEE
開始ページ	274
終了ページ	278
ISSN	2832-1324
資料タイプ	会議発表論文
言語	英語
OAI-PMH Set	岡山大学
著作権者	© 2023 IEEE.
論文のバージョン	author
DOI	10.1109/candarw60564.2023.00052
関連URL	isVersionOf https://doi.org/10.1109/candarw60564.2023.00052
Citation	K. Shiba, H. Kuzuno and T. Yamauchi, "Prevention Method for Stack Buffer Overflow Attack in TA Command Calls in OP-TEE," 2023 Eleventh International Symposium on Computing and Networking Workshops (CANDARW), Matsue, Japan, 2023, pp. 274-278, doi: 10.1109/CANDARW60564.2023.00052.
助成情報	JPMJPR1938: IoT機器の実行環境の隔離を実現するIoT基盤ソフトウェアの構築 ( 国立研究開発法人科学技術振興機構 / Japan Science and Technology Agency ) 22H03592: 機器毎のソフトウェア構成変更による攻撃難化と攻撃耐性を持つ基盤ソフトウェアの研究 ( 独立行政法人日本学術振興会 / Japan Society for the Promotion of Science )