Are Harvard architecture computers immune to arbitrary code entry and attack?

Harvard architecture computers have separate code and data memory. Does this make them immune to code injection attacks (since data cannot be executed as code)?

+7
security cpu-architecture
6 answers

They are somewhat more stable than the von Neumann architecture, but not completely. Each architecture has a transformation point where data begins to be processed as code. In von Neumann, this happens immediately in the CPU, while in Harvard, this happens before the memory is reserved and declared for the module (or sometimes even before that, when the file is prepared by the build system). This means that in Harvard architecture, a successful attack by code injection should be a little more complicated and contrived, but not necessarily impossible.

If you can put a file containing malicious code into the device’s memory (for example, the file system) and cause, say, a buffer overflow that will be redirected when it returns to the existing (valid, non-malicious) code that loads this malicious file as code, and if the architecture allows this file to start execution (for example, through a self-initialization procedure), this will be an example of a successful code injection.

+13
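The redirection described in the answer above can be seen on a toy model. This is an added example, not part of the original answers: the machine, its opcode names, the memory layout and the sample inputs are all constructed for illustration. Code memory is an immutable tuple that nothing can write to, yet an unchecked copy into data memory still changes which existing routine runs, and a bounds check on the copy removes the problem.

```python
# Toy Harvard machine (constructed for illustration, not a real ISA).
# CODE is immutable and separate from data; no instruction can write to it.
CODE = (
    ("CALL_READ", None),             # 0: copy input into buffer, then return
    ("LOG", "normal path"),          # 1: legitimate return target
    ("HALT", None),                  # 2
    ("LOG", "load file as module"),  # 3: existing loader routine (hypothetical)
    ("HALT", None),                  # 4
)
BUF_LEN = 4
RET_SLOT = BUF_LEN   # saved return address sits right after the buffer
DATA_SIZE = 8        # size of the separate data memory


def run(user_input, bounds_check):
    """Execute CODE on user_input; return the list of logged messages."""
    data = [0] * DATA_SIZE
    data[RET_SLOT] = 1               # return address pushed by the caller
    trace, pc = [], 0
    while True:
        if not 0 <= pc < len(CODE):  # invalid code address: machine faults
            return trace + ["fault"]
        op, arg = CODE[pc]
        if op == "CALL_READ":
            limit = BUF_LEN if bounds_check else DATA_SIZE
            for i, value in enumerate(user_input[:limit]):
                data[i] = value      # writes land in data memory only
            pc = data[RET_SLOT]      # return to whatever the slot now holds
        elif op == "LOG":
            trace.append(arg)
            pc += 1
        else:                        # HALT
            return trace


if __name__ == "__main__":
    oversized = [9, 9, 9, 9, 3]      # constructed input: fifth value hits RET_SLOT
    print(run(oversized, bounds_check=False))  # control reaches routine 3
    print(run(oversized, bounds_check=True))   # copy is clamped, normal path
```
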

This partly depends on what you consider a “code injection attack”.

Take an SQL injection attack, for example. The SQL query itself should never be in the executable part of the memory, because it is converted to its own code (or interpreted, or any terminology that you want to use) using the database engine. However, this SQL can still be seen as "code."

If you include only the attacker inserting their own code that must be executed directly by the processor (for example, through a buffer overflow), and if the process does not allow you to copy data to the "code area", then it provides protection against such attacks, yes. (I don’t want to demand 100% protection; even if I can’t think of any attack vectors and this sounds perfect, security is tricky.)

+5

Apparently, there are some researchers who were able to carry out a constant code injection attack on the Harvard architecture. So it may not be as safe as people thought.

+4

Most Harvard architecture machines still use a shared memory space for data and instructions outside the kernel. Thus, you can still enter code and execute it as instructions. In fact, most processors today are Harvard architecture internally, even if they look like von Neumann.

0

x86 has a segmentation architecture that does this, and it has been used by some projects to try to stop data from executing as code (efforts that are currently mostly lost considering the NX bit), and it never came close to leading to a stream of new exploits. Consider the amazing number of remote file inclusions that can still be used in the wild.

0

My university recently had an MS defense that discussed this. Unfortunately, I could not attend. I am sure that if you contacted Mr. Watt, he would be ready to discuss this.

http://www.cs.uidaho.edu/Defenses/KrisWatts.html

0