Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems

We propose a primitive, called Pioneer, as a first step towards verifiable code execution on untrusted legacy hosts. Pioneer does not require any hardware support such as secure co-processors or CPU-architecture extensions. We implement Pioneer on an Intel Pentium IV Xeon processor. Pioneer can be used as a basic building block to build security systems. We demonstrate this by building a kernel rootkit detector.

[1]  Jeffrey Katcher,et al.  PostMark: A New File System Benchmark , 1997 .

[2]  Juan-Mariano de Goyeneche,et al.  Loadable Kernel Modules , 1999, IEEE Softw..

[3]  Dino Zovi Kernel Rootkits , 2001 .

[4]  Adi Shamir,et al.  A New Class of Invertible Mappings , 2002, CHES.

[5]  Keith H. Randall,et al.  Denali: a goal-directed superoptimizer , 2002, PLDI '02.

[6]  Anton Chuvakin,et al.  Ups and Downs of UNIX/Linux Host-Based Security Solutions , 2003, Login: The Usenix Magazine.

[7]  Robert Tappan Morris,et al.  USENIX Association Proceedings of HotOS IX : The 9 th Workshop on Hot Topics in Operating Systems , 2003 .

[8]  Samuel T. King,et al.  Backtracking intrusions , 2003, SOSP '03.

[9]  Tal Garfinkel,et al.  Terra: a virtual machine-based platform for trusted computing , 2003, SOSP '03.

[10]  Leah H. Jamieson,et al.  Establishing the Genuinity of Remote Computer Systems , 2003, USENIX Security Symposium.

[11]  Philippe Roussel,et al.  The microarchitecture of the intel pentium 4 processor on 90nm technology , 2004 .

[12]  William A. Arbaugh,et al.  Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor , 2004, USENIX Security Symposium.

[13]  Trent Jaeger,et al.  Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[14]  Pradeep K. Khosla,et al.  SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[15]  Yi-Min Wang,et al.  Strider GhostBuster: Why It’s A Bad Idea For Stealth Software To Hide Files , 2004 .

[16]  Yi-Min Wang,et al.  AskStrider: What Has Changed on My Machine Lately? , 2004 .

[17]  J. Doug Tygar,et al.  Side Effects Are Not Sufficient to Authenticate Software , 2004, USENIX Security Symposium.

[18]  Paul C. van Oorschot,et al.  A generic attack on checksumming-based software tamper resistance , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[19]  Xiaoyun Wang,et al.  Finding Collisions in the Full SHA-1 , 2005, CRYPTO.

[20]  Elaine Shi,et al.  BIND: a fine-grained attestation service for secure distributed systems , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).