Published September 7, 2021 | Version v1
Conference paper Open

Towards Efficient Control-Flow Attestation with Software-Assisted Multi-level Execution Tracing

Description

In the face of an increasing attack landscape, it is necessary to cater for efficient mechanisms to verify software and device integrity for detecting run-time modifications in nextgeneration systems-of-systems. In this context, remote attestation is a promising defense mechanism that allows a third party, the verifier, to ensure a remote device’s configuration integrity and behavioural execution correctness. However, most of the existing families of attestation solutions suffer from the lack of softwarebased mechanisms for the efficient extraction of rigid control-flow information. This limits their applicability to only those cyberphysical systems equipped with additional hardware support. This paper proposes a multi-level execution tracing framework capitalizing on recent software features, namely the extended Berkeley Packet Filter and Intel Processor Trace technologies, that can efficiently capture the entire platform configuration and control-flow stacks, thus, enabling wide attestation coverage capabilities that can be applied on both resource-constrained devices and cloud services. Our goal is to enhance run-time software integrity and trustworthiness with a scalable tracing
solution eliminating the need for federated infrastructure trust.

Files

Towards Efficient Control-Flow Attestation with Software-Assisted Multi-level Execution Tracing_ASSURED.pdf

Additional details

Funding

ASSURED – Future Proofing of ICT Trust Chains: Sustainable Operational Assurance and Verification Remote Guards for Systems-of-Systems Security and Privacy 952697
European Commission