“…TinyCFA [10] provides control flow attestation for low-end MCUs, such as ATmega32. Hu et al. proposed [11] to apply the control flow attestation mechanism only to potentially vulnerable parts of the program. Our advantage against all of these is the ability to support GPOS and normal multi-process and multi-threaded applications.…”
This paper presents an improvement of control flow attestation (C-FLAT) for Linux. C-FLAT is a control attestation system for embedded devices. It was implemented as software executing in ARM’s TrustZone on bare-metal devices. We extend the design and implementation of C-FLAT through the use of a type 2 Nanovisor in the Linux operating system. We call our improved system “C-FLAT Linux”. Compared to the original C-FLAT, C-FLAT Linux reduces processing overheads and is able to detect the SlowLoris attack. We describe the architecture of C-FLAT Linux and provide extensive measurements of its performance in benchmarks and real-world scenarios. In addition, we demonstrate the detection of the SlowLoris attack on the Apache web server.
“…Control flow attestation [4,5,12,13,20,21,25,31,35,36,39] is a kind of runtime attestation diagnosing the execution path of remote software and ensuring the integrity of the program under control-oriented exploits. C-FLAT [4] proposed to measure the validity of the execution paths with the CFG of the program being attested.…”
Section: Related Work
“…The calls between functions in each compartment are captured as paths at runtime and used to generate the attestation report during compartment switching. MGC-FA [20] used a machine-learning model to predict the vulnerable probability and decide the strictness-level of control flow attestation. Tiny-CFA [31] provides control-flow attestation for low-end MCUs and only requires the hardware to support PoX architecture [30].…”
Section: Related Work
“…for complex programs whose paths and sub-paths are difficult to be completely enumerated in advance. Several control flow attestation approaches also mitigate non-control-data attacks [4,5,13,20,39] or data-only attacks [12,32,35].…”
Recent IoT applications gradually adapt more complicated end systems with commodity software. Ensuring the runtime integrity of these software is a challenging task for the remote controller or cloud services. Popular enforcement is the runtime remote attestation which requires the end system (prover) to generate evidence for its runtime behavior and a remote trusted verifier to attest the evidence. Control-flow attestation is a kind of runtime attestation that provides diagnoses towards the remote control-flow hijacking at the prover. Most of these attestation approaches focus on small or embedded software. The recent advance to attesting complicated software depends on the source code and execution-profiling CFG to measure the subpaths, which may be incomplete and unavailable for commodity software. In this work, we propose a resilient control-flow attestation (ReCFA), which does not need the offline measurement of all legitimate control-flow paths, thus scalable to be used on complicated commodity software. Our main contribution is a multi-phase approach to condensing the runtime control-flow events; as a result, the vast amount of control-flow events are abstracted into a deliverable size. The condensing approach consists of filtering skippable call sites, folding program-structure related control-flow events, and a greedy compression. Our approach is implemented with binary-level static analysis and instrumentation. We employ a shadow stack mechanism at the verifier to enforce context-sensitive control-flow integrity and diagnose the compromised control-flow events violating the security policy. The experimental results on real-world benchmarks show both the efficiency of the control-flow condensing and the effectiveness of security enforcement.
“…is adds overhead as it gets more contextual information at the basic block level. To balance runtime overhead and control flow security, some people have proposed a mutable control flow attestation scheme based on probability prediction [7] and a granularity adaptive control flow attestation scheme based on Non-dominated Sorting Genetic Algorithm-II (NSGA-II) [8]. A log-based control flow attestation scheme [9] has also been proposed to deal with ROP [2] attacks and uses Physical Unclonable Functions (PUF) as a lightweight root of trust for the prover.…”
The control flow hijacking attack poses a serious threat to the integrity of the software. The attacker exploits the loophole to hijack the control flow of the running program to achieve the purpose of the attack. Remote control flow attestation is a method for embedded devices to ensure the integrity of the software. With the continuous development of Internet of Things (IoT) technology, embedded devices have exploded. None of the existing control flow attestation schemes can adapt to the real-time attestation requests of such massive embedded devices. This paper proposes a blockchain-assisted distributed fog computing control flow attestation scheme BDFCFA to deal with this scenario. The scheme uses a simplified control flow representation model, which can effectively represent the control flow of the program and reduce the runtime overhead of the prover in the attestation process. We use SGX technology to protect the integrity and confidentiality of verifier and prover data during the attestation process. Our proposed bidirectional control flow attestation protocol based on the elliptic curve can greatly protect the communication security between verifiers and provers without incurring excessive performance overhead and communication cost. We evaluate the performance of BDFCFA through the SNU real-time benchmark and demonstrate that BDFCFA has better performance. Finally, compared to the existing remote control flow attestation scheme, the results show that BDFCFA has the highest security.