One for All and All for One: GNN-based Control-Flow Attestation for Embedded Devices

Marco Chilese, Richard Mitev, Meni Orenbach, Robert Thorburn, Ahmad Atamli, Ahmad-Reza Sadeghi

IEEE Symposium on Security and Privacy 2024 · Day 3 · Continental Ballroom 5

This talk introduces RAGE, a novel approach to **control-flow attestation (CFA)** for embedded devices that leverages **Graph Neural Networks (GNNs)** to detect **code-reuse attacks** such as **Return-Oriented Programming (ROP)** and **Data-Oriented Programming (DOP)**. Presented by Marco Chilese and his colleagues from the Technical University of Darmstadt, Nvidia, and the University of Southampton, this work addresses the escalating security challenges posed by the proliferation of IoT devices and the increasing sophistication of remote code execution vulnerabilities. Traditional CFA schemes often suffer from limitations such as requiring complete control-flow graphs, risking information leakage, or necessitating custom hardware, which makes them unsuitable for resource-constrained, off-the-shelf embedded systems.

AI review

This work introduces RAGE, a groundbreaking GNN-based control-flow attestation scheme that elegantly solves critical limitations in embedded device security. By leveraging unsupervised VGAEs, it detects sophisticated ROP/DOP attacks without relying on complete CFGs, custom hardware, or risking information leakage, making it highly practical for resource-constrained IoT.
