An Efficient and Flexible Dynamic Remote Attestation Method

Remote attestation is an important characteristic of trusted computing technology which provides reliable evidence that a trusted environment actually exists. In this paper, we present a new paradigm that leverages software attack graph for dynamic remote attestation. The major contributions of this paper are two-folds: (1) From the angle of attack, we propose a method to reduce the number of objects to be monitored. (2)We propose a flexible and complete execution status information collection method at operating system level. (3)Software attack graph is introduced as the basis for remote attestation. Analysis shows that our method is complete, efficient and flexible.

[1]  Duminda Wijesekera,et al.  Using Attack Graphs in Forensic Examinations , 2012, 2012 Seventh International Conference on Availability, Reliability and Security.

[2]  Robert H. Deng,et al.  Model-Driven Remote Attestation: Attesting Remote System from Behavioral Aspect , 2008, 2008 The 9th International Conference for Young Computer Scientists.

[3]  Peng Ning,et al.  Remote attestation to dynamic system properties: Towards providing complete system integrity evidence , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[4]  Michael W. Hicks,et al.  Automated detection of persistent kernel control-flow attacks , 2007, CCS '07.

[5]  Crispin Cowan,et al.  Linux security modules: general security support for the linux kernel , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[6]  Trent Jaeger,et al.  Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[7]  Weimin Wei,et al.  Clustering System Call Arguments for Remote Attestation , 2012 .

[8]  Xinwen Zhang,et al.  On Leveraging Stochastic Models for Remote Attestation , 2010, INTRUST.

[9]  Ahmad-Reza Sadeghi,et al.  Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks , 2009, STC '09.

[10]  Trent Jaeger,et al.  PRIMA: policy-reduced integrity measurement architecture , 2006, SACMAT '06.

[11]  Xinwen Zhang,et al.  Behavioral attestation for web services (BA4WS) , 2008, SWS '08.

[12]  Xiao Zhang,et al.  Network Security Risk Assessment Based on Attack Graph , 2013, J. Comput..

[13]  Andrew Lee-Thorp,et al.  Attestation in Trusted Computing: Challenges and Potential Solutions , 2010 .

[14]  Jean-Pierre Seifert,et al.  Model-based behavioral attestation , 2008, SACMAT '08.

[15]  Dan Wang,et al.  Behavior Analysis-Based Dynamic Trust Measurement Model , 2011, ICICS.

[16]  Ulrich Kühn,et al.  Realizing property-based attestation and sealing with commonly available hard- and software , 2007, STC '07.

[17]  Jean-Pierre Seifert,et al.  Remote Attestation with Domain-Based Integrity Model and Policy Analysis , 2012, IEEE Transactions on Dependable and Secure Computing.

[18]  Jian Wang,et al.  RABBIF: Remote Attestation Based on Behavior and Information Flow , 2010, 2010 Second International Conference on Computer Engineering and Applications.