LiteHAX: Lightweight Hardware-Assisted Attestation of Program Execution
ICCAD: IEEE/ACM International Conference on Computer-Aided Design (2018)
Abstract
Unlike traditional processors, embedded Internet of Things (IoT) devices lack resources to incorporate protection against modern sophisticated attacks resulting in critical consequences. Remote attestation (RA) is a security service to establish trust in the integrity of a remote device. While conventional RA is static and limited to detecting malicious modification to software binaries at load-time, recent research has made progress towards runtime attestation, such as attesting the control flow of an executing program. However, existing control-flow attestation schemes are inefficient and vulnerable to sophisticated data-oriented programming (DOP) attacks, which subvert these schemes and keep the control flow of the code intact. In this paper, we present LiteHAX, an efficient hardware-assisted remote attestation scheme for RISC-based embedded devices that enables detecting both control-flow attacks as well as DOP attacks. LiteHAX continuously tracks both the control-flow and data-flow events of a program executing on a remote device and reports them to a trusted verifying party. We implemented and evaluated LiteHAX on a RISC-V System-on-Chip (SoC) and show that it has minimal performance and area overhead.
Keywords
RA,data-oriented programming,lightweight hardware-assisted attestation of program execution,hardware-assisted remote attestation scheme,control-flow attestation schemes,embedded Internet of Things devices,remote device integrity,RISC-based embedded devices,SoC,RISC-V system-on-chip,data-flow events,DOP attacks,control-flow attacks,LiteHAX,runtime attestation,software binaries,malicious modification,security service