A Probability Prediction Based Mutable Control-Flow Attestation Scheme on Embedded Platforms

Hu, Jianxing; Huo, Dongdong; Wang, Meilin; Wang, Yazhe; Zhang, Yan; Li, Yu

doi:10.1109/trustcom/bigdatase.2019.00077

Cited by 6 publications

(16 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…TinyCFA [10] provides control flow attestation for low-end MCUs, such as ATmega32. Hu et al proposed [11] to apply the control flow attestation mechanism only to potentially vulnerable parts of the program. Our advantage against all of these is the ability to support GPOS and normal multi-process and multi-threaded applications.…”

Section: Related Workmentioning

confidence: 99%

Nanovised Control Flow Attestation

2022

View full text Add to dashboard Cite

This paper presents an improvement of control flow attestation (C-FLAT) for Linux. C-FLAT is a control attestation system for embedded devices. It was implemented as a software executing in ARM’s TrustZone on bare-metal devices. We extend the design and implementation of C-FLAT through the use of a type 2 Nanovisor in the Linux operating system. We call our improved system “C-FLAT Linux”. Compared to the original C-FLAT, C-FLAT Linux reduces processing overheads and is able to detect the SlowLoris attack. We describe the architecture of C-FLAT Linux and provide extensive measurements of its performance in benchmarks and real-world scenarios. In addition, we demonstrate the detection of the SlowLoris attack on the Apache web server.

show abstract

Section: Related Workmentioning

confidence: 99%

Nanovised Control Flow Attestation

2022

View full text Add to dashboard Cite

show abstract

“…Control flow attestation [4,5,12,13,20,21,25,31,35,36,39] is a kind of runtime attestation diagnosing the execution path of remote software and ensuring the integrity of the program under control-oriented exploits. C-FLAT [4] proposed to measure the validity of the execution paths with the CFG of the program being attested.…”

Section: Related Workmentioning

confidence: 99%

“…The calls between functions in each compartment are captured as paths at runtime and used to generate the attestation report during compartment switching. MGC-FA [20] used a machine-learning model to predict the vulnerable probability and decide the strictness-level of control flow attestation. Tiny-CFA [31] provides control-flow attestation for low-end MCUs and only requires the hardware to support PoX architecture [30].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

ReCFA: Resilient Control-Flow Attestation

Zhang

Liu

Zeng

et al. 2021

Annual Computer Security Applications Conference

View full text Add to dashboard Cite

Recent IoT applications gradually adapt more complicated end systems with commodity software. Ensuring the runtime integrity of these software is a challenging task for the remote controller or cloud services. Popular enforcement is the runtime remote attestation which requires the end system (prover) to generate evidence for its runtime behavior and a remote trusted verifier to attest the evidence. Control-flow attestation is a kind of runtime attestation that provides diagnoses towards the remote control-flow hijacking at the prover. Most of these attestation approaches focus on small or embedded software. The recent advance to attesting complicated software depends on the source code and execution-profiling CFG to measure the subpaths, which may be incomplete and unavailable for commodity software.In this work, we propose a resilient control-flow attestation (ReCFA), which does not need the offline measurement of all legitimate control-flow paths, thus scalable to be used on complicated commodity software. Our main contribution is a multi-phase approach to condensing the runtime control-flow events; as a result, the vast amount of control-flow events are abstracted into a deliverable size. The condensing approach consists of filtering skippable call sites, folding program-structure related control-flow events, and a greedy compression. Our approach is implemented with binary-level static analysis and instrumentation. We employ a shadow stack mechanism at the verifier to enforce context-sensitive control-flow integrity and diagnose the compromised control-flow events violating the security policy. The experimental results on real-world benchmarks show both the efficiency of the control-flow condensing and the effectiveness of security enforcement.

show abstract

“…is adds overhead as it gets more contextual information at the basic block level. To balance runtime overhead and control flow security, some people have proposed a mutable control flow attestation scheme based on probability prediction [7] and a granularity adaptive control flow attestation scheme based on Non-dominated Sorting Genetic Algorithm-II (NSGA-II) [8]. A log-based control flow attestation scheme [9] has also been proposed to deal with ROP [2] attacks and uses Physical Unclonable Functions (PUF) as a lightweight root of trust for the prover.…”

Section: Introductionmentioning

confidence: 99%

Blockchain-Assisted Distributed Fog Computing Control Flow Attestation

Shen

Bai

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

The control flow hijacking attack poses a serious threat to the integrity of the software. The attacker exploits the loophole to hijack the control flow of the running program to achieve the purpose of the attack. Remote control flow attestation is a method for embedded devices to ensure the integrity of the software. With the continuous development of Internet of Things (IoT) technology, embedded devices have exploded. None of the existing control flow attestation schemes can adapt to the real-time attestation requests of such massive embedded devices. This paper proposes a blockchain-assisted distributed fog computing control flow attestation scheme BDFCFA to deal with this scenario. The scheme uses a simplified control flow representation model, which can effectively represent the control flow of the program and reduce the runtime overhead of the prover in the attestation process. We use SGX technology to protect the integrity and confidentiality of verifier and prover data during the attestation process. Our proposed bidirectional control flow attestation protocol based on the elliptic curve can greatly protect the communication security between verifiers and provers without incurring excessive performance overhead and communication cost. We evaluate the performance of BDFCFA through the SNU real-time benchmark and demonstrate that BDFCFA has better performance. Finally, compared to the existing remote control flow attestation scheme, the results show that BDFCFA has the highest security.

show abstract

A Probability Prediction Based Mutable Control-Flow Attestation Scheme on Embedded Platforms

Cited by 6 publications

References 18 publications

Nanovised Control Flow Attestation

Nanovised Control Flow Attestation

ReCFA: Resilient Control-Flow Attestation

Blockchain-Assisted Distributed Fog Computing Control Flow Attestation

Contact Info

Product

Resources

About