ATRIUM: Runtime Attestation Resilient Under Memory Attacks

Zeitouni, Shaza ; Dessouky, Ghada ; Arias, Orlando ; Sullivan, Dean ; Ibrahim, Ahmad ; Jin, Yier ; Sadeghi, Ahmad-Reza (2017)
ATRIUM: Runtime Attestation Resilient Under Memory Attacks.
Irvine, California, US
Conference publication, Bibliography

Abstract

Remote attestation is an important security service that allows a trusted party (verifier) to verify the integrity of the software running on a remote and potentially compromised device (prover). The security of existing remote attestation schemes relies on the assumptions that attacks are software-only and the prover's code cannot be modified at runtime. However, in practice, these schemes can be bypassed in a stronger and more realistic adversary model with physical access to (either off-chip or on-chip) code memory and is hereby capable of controlling and modifying code memory to attest benign code but execute malicious code instead -- leaving the underlying system vulnerable to Time of Check Time of Use (TOCTOU) attacks. In this paper, we first show how to successfully launch TOCTOU attacks on some recently proposed attestation schemes by exploiting physical access to code memory. Then we present the design and proof-of-concept implementation of SMARTER, the first practical runtime remote attestation system that securely attests both the code's binary and its execution in the mentioned stronger adversary model. SMARTER provides resilience against both software- and hardware-based TOCTOU attacks, while incurring minimal area and performance overhead.

Item type: Conference publication
Published: 2017
Author(s): Zeitouni, Shaza ; Dessouky, Ghada ; Arias, Orlando ; Sullivan, Dean ; Ibrahim, Ahmad ; Jin, Yier ; Sadeghi, Ahmad-Reza
Entry type: Bibliography
Title: ATRIUM: Runtime Attestation Resilient Under Memory Attacks
Language: German
Publication year: November 2017
Book title: 2017 International Conference On Computer Aided Design (ICCAD'17)
Event location: Irvine, California, US
Free keywords: Solutions; S2; Primitives; P3
ID number: TUD-CS-2017-0135
Department(s)/field(s): 20 Department of Computer Science
20 Department of Computer Science > System Security
DFG Collaborative Research Centres (incl. Transregio)
DFG Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
DFG Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > SFB 1119: CROSSING – Cryptography-based security solutions as the basis for trust in current and future IT systems
Date deposited: 20 Jun 2017 17:47
Last modified: 02 May 2019 11:00