With the continuous evolution of computational devices, more and more
applications are being executed remotely. The applications operate on a wide
spectrum of devices, ranging from IoT nodes with low computational capabilities
to large cloud providers with high capabilities. Remote execution often deals
with sensitive data or executes proprietary software. Hence, the challenge
arises of ensuring that the code execution is not compromised. Remote
Attestation deals with this challenge. It ensures the code is executed in a
non-compromised environment by calculating a potentially large sequence of
cryptographic hash values. Each hash calculation is computationally intensive,
and over a large sequence the overhead becomes extremely high. In this work, we
propose LightFAt: a Lightweight Control Flow Attestation scheme. Instead of
relying on the expensive cryptographic hash calculation, LightFAt leverages the
readings from the processor's Performance Monitor Unit (PMU) in conjunction
with a lightweight unsupervised machine learning (ML) classifier to detect
whether a target application's control flow is compromised, hence improving the
system's security. On the verifier's side, LightFAt reaches a detection
accuracy of over 95%, with low false-negative and false-positive rates.