CROSSING Publications

ATRIUM: Runtime Attestation Resilient Under Memory Attacks

Author Shaza Zeitouni, Ghada Dessouky, Orlando Arias, Dean Sullivan, Ahmad Ibrahim, Yier Jin, Ahmad-Reza Sadeghi
Date November 2017
Kind Inproceedings
Book title2017 International Conference On Computer Aided Design (ICCAD'17)
LocationIrvine, California, US
KeyTUD-CS-2017-0135
Research Areas S2, CROSSING, System Security Lab, P3, CYSEC
Abstract Remote attestation is an important security service that allows a trusted party (verifier) to verify the integrity of the software running on a remote and potentially compromised device (prover). The security of existing remote attestation schemes relies on the assumptions that attacks are software-only and the prover's code cannot be modified at runtime. However, in practice, these schemes can be bypassed in a stronger and more realistic adversary model with physical access to (either off-chip or on-chip) code memory and is hereby capable of controlling and modifying code memory to attest benign code but execute malicious code instead -- leaving the underlying system vulnerable to Time of Check Time of Use (TOCTOU) attacks. In this paper, we first show how to successfully launch TOCTOU attacks on some recently proposed attestation schemes by exploiting physical access to code memory. Then we present the design and proof-of-concept implementation of SMARTER, the first practical runtime remote attestation system that securely attests both the code's binary and its execution in the mentioned stronger adversary model. SMARTER provides resilience against both software- and hardware-based TOCTOU attacks, while incurring minimal area and performance overhead.
[Export this entry to BibTeX]

Important Copyright Notice:

The documents contained in these directories are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.
A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Kontakt Contact | Website Analysis: More Information
zum Seitenanfangzum Seitenanfang