On the Difficulty of Software-Based Attestation of Embedded Dewices

机译：基于软件的嵌入式设备的证明难度

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Device attestation is an essential feature in many security protocols and applications. The lack of dedicated hardware and the impossibility to physically access devices to be attested, makes attestation of embedded devices, in applications such as Wireless Sensor Networks, a prominent challenge. Several software-based attestation techniques have been proposed that either rely on tight time constraints or on the lack of free space to store malicious code. This paper investigates the shortcomings of existing software-based attestation techniques. We first present two generic attacks, one based on a return-oriented rootkit and the other on code compression. We further describe specific attacks on two existing proposals, namely SWATT and ICE-based schemes, and argue about the difficulty of fixing them. All attacks presented in this paper were implemented and validated on commodity sensors.

机译：设备证明是许多安全协议和应用程序中的重要特征。缺乏专用硬件和无法证明设备的物理访问设备，使嵌入式设备的证明是无线传感器网络，突出挑战的应用。已经提出了几种基于软件的证明技术，依赖于紧密的时间限制或缺乏自由空间来存储恶意代码。本文调查了现有的基于软件的证明技术的缺点。我们首先呈现两个泛型攻击，一个基于返回面向rootkit，另一个在代码压缩上。我们进一步描述了对两个现有提案的特定攻击，即SWATT和基于冰和冰的方案，并争论修复它们的难度。本文提出的所有攻击都在商品传感器上实施和验证。

著录项

来源
《Association for Computing Machinery Conference on Computer and Communications Security》|2009年||共10页
会议地点
作者
Claude Castelluccia; Aurelien Francilion; Daniele Perito; Claudio Soriente;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP309-53;
关键词
Software-Based Attestation; Return-Oriented Programming; Code Compression; Embedded Systems; Wireless Sensor Networks; Indisputable Code Execution; SWATT;

机译：基于软件的证明;以返回返回的编程;代码压缩;嵌入式系统;无线传感器网络;无可争议的代码执行;SWATT;

相似文献

外文文献
中文文献
专利

1. Towards more practical software-based attestation [J] . Steiner Rodrigo Vieira, Lupu Emil Computer networks . 2019,第FEBa11期

机译：寻求更实用的基于软件的认证
2. Formal Verification of Embedded Systems for Remote Attestation [J] . G. Cabodi, P. Camurati, C. Loiacono, WSEAS Transactions on Computers . 2015,第Null期

机译：用于远程认证的嵌入式系统的形式验证
3. Cumulative Attestation Kernels for Embedded Systems [J] . LeMay M. Smart Grid, IEEE Transactions on . 2012,第2期

机译：嵌入式系统的累积证明内核
4. On the Difficulty of Software-Based Attestation of Embedded Dewices [C] . Claude Castelluccia, Aurelien Francilion, Daniele Perito, Association for Computing Machinery Conference on Computer and Communications Security . 2009

机译：基于软件的嵌入式设备的证明难度
5. Secure Remote Attestation for Safety-Critical Embedded and IoT Devices [D] . Rattanavipanon, Norrathep . 2019

机译：为安全关键嵌入式和IOT设备安全远程证明
6. State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things [O] . Sigurd Frej Joel Jørgensen Ankergård, Edlira Dushku, Nicola Dragoni 2021

机译：基于最先进的软件遥控证明：机会和事物互联网的开放问题
7. On the Difficulty of Software-Based Attestation of Embedded Devices [O] . Claude Castelluccia, Aurélien Francillon, Daniele Perito, 2010

机译：基于软件的嵌入式设备认证难点
8. Comprehensive Security Analysis of and an Implementation Framework for Embedded Software Attestation Methods Leveraging FPGA-Based System-on-a-Chip Architectures. [R] . Reber, P. A. 2017

机译：利用基于FpGa的片上系统架构的嵌入式软件认证方法的综合安全性分析和实现框架。

On the Difficulty of Software-Based Attestation of Embedded Dewices

摘要

著录项

相似文献

相关主题

期刊订阅