AntiExploit is a software solution designed to make the process of exploitation of 0- and 1-day vulnerabilities and those vulnerabilities related to memory corruption extremely difficult or even impossible for an attacker.
We conducted an in-depth analysis of both a threat model and an attacker model related to embedded and smart devices (in fact to most of them, while exceptions are still a thing), which are used in IoT and IIoT. They differ from those used with desktops, laptops, and cellphones.
are complete solutions, which usually just can’t be extended (i.e. there is no way to install additional software). They perform a pre-defined set of operations but nothing more
have limited resources (CPU/memory)
have no user interface, as we know it
are available via a network only (Ethernet, wi-fi, Bluetooth, etc)
usually work on *nix based OS
work on RISC processors for energy saving reasons
an overwhelming majority of codes are written on C/C++ for higher system performance, when it comes to compilation
as a rule have a long uptime and are rarely rebooted (e.g. during process windows)
Protection against remote attacks is must-do sphere of embedded devices security.
As the result of our researches we’d managed to adopt the best techniques of counter-acting exploitation to the unique nature of embedded devices. We’d never lost sight of specific features of these devices hardware, which made it possible for us to create a special technology, which combines both high performance and efficiency in itself.
The product include two stages. Analysis of protected files and generation of metadata, which is required by a device to load protected files, are conducted at the preprocessing stage. This data allows boosting those security mechanisms that were not employed or enabled and implementing moving target defence.
There have always been a lot of vulnerabilities, and, no doubt, there will always be. Even a small vulnerability exploitation may lead to a system infection. Unfortunately, it is just impossible to get rid of vulnerabilities completely. However, there is a way to deter a threat of a successful exploitation.
It will be either extremely difficult for an attacker to perform successful attacks on a device, or even beyond the bounds of possibility. In this kind of a situation the best result an attacker can achieve is reboot of the device wich would remain uncompromised and uninfected.
We turn any attack into a failure.
- a device does not become a part of botnet
- a device becomes more credible to user (they entrust their own data to a device)
- a device is no longer a tempting target for an attacker
Advantages for developers:
- reduced costs on building and supporting their security teams
- extra amount of time to make security fixes
- opportunity to fully concentrate on a product development
- simple and elegant solution that makes a negligible impact on a device output
- No source code modifications
- Static and Load-time instrumentation
- Minimal CPU overhead
- Protection against Code injection attacks
- Innovative Fine-Grained ASLR
- Techniques against Code reuse attacks
- Defense against remote infection through Memory Corruption Attacks
- Flexible configuration
- Low cost enforcement defense
- Not carried out at run-time
- Load-time diversification approaches
- Stops Control-flow hijack attack
- Closing patch gaps
- Does not require any updates or a teaching phase
- Minimizes damage to an unpatched system
You have now specific security team or not using an SDL. But we've yet to meet someone who could write code without a single mistake.
Or let's suppose another situation: there is an unsupported device or a device with proprietary libraries with unpatched vulnerabilities.
Unsuccessful attempt to exploit the vulnerability.