Determining the Integrity of Application Binaries on Unsecure Legacy Machines Using Software Based Remote Attestation

被引:0
|
作者
Srinivasan, Raghunathan [1 ]
Dasgupta, Partha [1 ]
Gohad, Tushar [2 ]
Bhattacharya, Amiya [1 ]
机构
[1] Arizona State Univ, Tempe, AZ 85281 USA
[2] MontaVista Software, LLC, San Jose, CA USA
来源
INFORMATION SYSTEMS SECURITY | 2010年 / 6503卷
基金
美国国家科学基金会;
关键词
remote attestation; integrity measurement; code injection;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Integrity of computing platforms is paramount. A platform is as secure as the applications executing on it. All applications are created with some inherent vulnerability or loophole. Attackers can analyze the presence of flaws in a particular binary and exploit them. Traditional virus scanners are also binaries which can be attacked by malware. This paper implements a method known as Remote Attestation entirely in software to attest the integrity of a process using a trusted external server. The trusted external server issues a challenge to the client machine which responds to the challenge. The response determines the integrity of the application.
引用
收藏
页码:66 / +
页数:3
相关论文
共 50 条
  • [1] Remote Attestation based Software Integrity of IoT devices
    Sundar, Shyam
    Yellai, Prabhakara
    Sanagapati, Siva Sankara Sai
    Pradhan, Prayas Chandra
    Reddy, Sai Kiran Kumar Y.
    [J]. 13TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED NETWORKS AND TELECOMMUNICATION SYSTEMS (IEEE ANTS), 2019,
  • [2] Remote attestation and integrity measurements with Intel SGX for virtual machines
    Kucab, Michal
    Borylo, Piotr
    Cholda, Piotr
    [J]. COMPUTERS & SECURITY, 2021, 106
  • [3] Software complexity based remote attestation
    Li Xiao-Yong
    Han Zhen
    Shen Chang-Xiang
    [J]. ICICIC 2006: FIRST INTERNATIONAL CONFERENCE ON INNOVATIVE COMPUTING, INFORMATION AND CONTROL, VOL 3, PROCEEDINGS, 2006, : 220 - +
  • [4] Remote Attestation of Software and Execution-Environment in Modern Machines
    Kiperberg, Michael
    Resh, Amit
    Zaidenberg, Nezer J.
    [J]. 2015 IEEE 2ND INTERNATIONAL CONFERENCE ON CYBER SECURITY AND CLOUD COMPUTING (CSCLOUD), 2015, : 335 - 341
  • [5] Counteracting software integrity attacks on IoT devices with remote attestation: a prototype
    Berbecaru, Diana Gratiela
    Sisinni, Silvia
    [J]. 2022 26TH INTERNATIONAL CONFERENCE ON SYSTEM THEORY, CONTROL AND COMPUTING (ICSTCC), 2022, : 380 - 385
  • [6] Software-Based Remote Network Attestation
    Kumar, Seema
    Eugster, Patrick
    Santini, Silvia
    [J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2022, 19 (05) : 2920 - 2933
  • [7] Software-based remote memory attestation using quantum entanglement
    Laeuchli, Jesse
    Trujillo-Rasua, Rolando
    [J]. QUANTUM INFORMATION PROCESSING, 2024, 23 (06)
  • [8] Bypassing software-based remote attestation using debug registers
    Zhang, Zheng
    Xue, Jingfeng
    Mu, Tianshi
    Yu, Ting
    Qiu, Kefan
    Chen, Tian
    Li, Yuanzhang
    [J]. CONNECTION SCIENCE, 2024, 36 (01)
  • [9] Remote software-based attestation for wireless sensors
    Shaneck, M
    Mahadevan, K
    Kher, V
    Kim, Y
    [J]. SECURITY AND PRIVACY IN AD-HOC AND SENSOR NETWORKS, 2005, 3813 : 27 - 41
  • [10] Remote Attestation with Domain-Based Integrity Model and Policy Analysis
    Xu, Wenjuan
    Zhang, Xinwen
    Hu, Hongxin
    Ahn, Gail-Joon
    Seifert, Jean-Pierre
    [J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2012, 9 (03) : 429 - 442
12345