Compromising an IoT device based on Harvard architecture microcontroller
Krzysztof Cabaj , Grzegorz Mazur , Mateusz Nosek
AbstractThe paper describes the concept and implementation of an attack technique, targeting an Internet-connected device based on Arduino family board and modules with an ATmega microcontoller. Due to Harvard-like architecture of the microcontroller, the attack uses return-oriented programming principle, utilizing the pieces of firmware already contained in the memory of target device. We show that the routines present in the device are sufficient to convey a successful attack and change the device operation in the presence of buffer overflow backdoor to the firmware.
* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.