poster

How to Securely Record Logs based on ARM TrustZone

Authors:

Seungho Lee,

Wonsuk Choi,

Hyo Jin Jo,

Dong Hoon LeeAuthors Info & Claims

Asia CCS '19: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security

Pages 664 - 666

https://doi.org/10.1145/3321705.3331001

Published: 02 July 2019 Publication History

Get Access

Abstract

A number of logs are generated from IT devices. Since logs have important information regarding a system, they are used for finding the trace of an intrusion or obtaining important information through a big data analysis. Hence, the logs have become a major attack surface for attackers. To protect logs, IT devices require secure logging methods as a mandatory service. Secure logging can provide detection of malicious manipulation of logs and verification of their origin. In this paper, we propose a secure logging method satisfying forward and backward secrecy based on ARM TrustZone for embedded systems, which enables to efficiently generate secure logs through inter-process communication without modification of the existing system (Syslog). Also, we show that the proposed method does not require extra overhead compared with the existing logging method.

References

[1]

Mihir Bellare and Bennet Yee. 1997. Forward integrity for secure audit logs . Technical Report. Technical report, Computer Science and Engineering Department, University of California at San Diego.

Google Scholar

[2]

Jason E Holt. 2006. Logcrypt: forward security and public verification for secure audit logs. In ACM International Conference Proceeding Series, Vol. 167. 203--211.

Digital Library

Google Scholar

[3]

Vishal Karande, Erick Bauman, Zhiqiang Lin, and Latifur Khan. 2017. Sgx-log: Securing system logs with sgx. In ACM ASIACCS 2017. ACM, 19--30.

Digital Library

Google Scholar

[4]

Seungho Lee, Wonsuk Choi, Hyo Jin Jo, and Dong Hoon Lee. 2019. T-Box: A forensics-enabled trusted automotive data recording method. IEEE Access (2019).

Google Scholar

[5]

Bruce Schneier and John Kelsey. 1999. Secure audit logs to support computer forensics. TISSEC (1999), 159--176.

Digital Library

Google Scholar

[6]

Arunesh Sinha, Limin Jia, Paul England, and Jacob R Lorch. 2014. Continuous tamper-proof logging using TPM 2.0. In International Conference on Trust and Trustworthy Computing. Springer, 19--36.

Digital Library

Google Scholar

Cited By

View all

Santos JValadares DGorgônio KPerkusich A(2024)Mobile Data Security with Attribute-based Encryption and Confidential Computing2024 IEEE International Conference on Consumer Electronics (ICCE)10.1109/ICCE59016.2024.10444176(1-4)Online publication date: 6-Jan-2024
https://doi.org/10.1109/ICCE59016.2024.10444176
Bajramovic EFein CFrinken MRösler PFreiling F(2023)LAVA: Log Authentication and Verification AlgorithmDigital Threats: Research and Practice10.1145/36092334:3(1-17)Online publication date: 13-Jul-2023
https://dl.acm.org/doi/10.1145/3609233
Lu DShi MMa XLiu XGuo RZheng TShen YDong XMa J(2023)Smaug: A TEE-Assisted Secured SQLite for Embedded SystemsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.321602020:5(3617-3635)Online publication date: 1-Sep-2023
https://doi.org/10.1109/TDSC.2022.3216020
Show More Cited By

Recommendations

Demystifying Arm TrustZone: A Comprehensive Survey

The world is undergoing an unprecedented technological transformation, evolving into a state where ubiquitous Internet-enabled “things” will be able to generate and share large amounts of security- and privacy-sensitive data. To cope with the security ...
TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone
MobiSys '17: Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services

The rapid evolution of Internet-of-Things (IoT) technologies has led to an emerging need to make them smarter. A variety of applications now run simultaneously on an ARM-based processor. For example, devices on the edge of the Internet are provided with ...
Secure Block Device -- Secure, Flexible, and Efficient Data Storage for ARM TrustZone Systems
TRUSTCOM '15: Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA - Volume 01

Recent years have seen a flurry of activity in the area of efficient and secure file systems for cloud storage, and also in the area of memory protection for secure processors. Both scenarios use cryptographic methods for data protection. Here, we ...

Comments

Information & Contributors

Information

Published In

Asia CCS '19: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security

July 2019

708 pages

ISBN:9781450367523

DOI:10.1145/3321705

General Chairs:
Steven Galbraith
University of Auckland, New Zealand
,
Giovanni Russello
University of Auckland, New Zealand
,
Willy Susilo
University of Wollongong, Australia
,
Program Chairs:
Dieter Gollmann
Hamburg University of Technology, Germany & Nanyang Technological University, Singapore
,
Engin Kirda
Northeastern University, USA
,
Zhenkai Liang
National University of Singapore, Singapore

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 July 2019

Check for updates

Author Tags

Qualifiers

Poster

Conference

Asia CCS '19

Sponsor:

SIGSAC

Asia CCS '19: ACM Asia Conference on Computer and Communications Security

July 9 - 12, 2019

Auckland, New Zealand

Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
311
Total Downloads

Downloads (Last 12 months)40
Downloads (Last 6 weeks)4

Reflects downloads up to 17 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Santos JValadares DGorgônio KPerkusich A(2024)Mobile Data Security with Attribute-based Encryption and Confidential Computing2024 IEEE International Conference on Consumer Electronics (ICCE)10.1109/ICCE59016.2024.10444176(1-4)Online publication date: 6-Jan-2024
https://doi.org/10.1109/ICCE59016.2024.10444176
Bajramovic EFein CFrinken MRösler PFreiling F(2023)LAVA: Log Authentication and Verification AlgorithmDigital Threats: Research and Practice10.1145/36092334:3(1-17)Online publication date: 13-Jul-2023
https://dl.acm.org/doi/10.1145/3609233
Lu DShi MMa XLiu XGuo RZheng TShen YDong XMa J(2023)Smaug: A TEE-Assisted Secured SQLite for Embedded SystemsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.321602020:5(3617-3635)Online publication date: 1-Sep-2023
https://doi.org/10.1109/TDSC.2022.3216020
Kang DJo H(2023)TB-Logger: Secure Vehicle Data Logging Method Using Trusted Execution Environment and BlockchainIEEE Access10.1109/ACCESS.2023.325362611(23282-23292)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3253626
Mishra NChakraborty AChatterjee UMukhopadhyay D(2023)Time’s a Thief of MemorySmart Card Research and Advanced Applications10.1007/978-3-031-25319-5_1(3-24)Online publication date: 29-Jan-2023
https://doi.org/10.1007/978-3-031-25319-5_1
Khare SBadholia A(2022)Analysis of Cloud and Self-Web-Hosting Services Based on Security ParametersInternational Journal of Information System Modeling and Design10.4018/IJISMD.29762913:6(1-14)Online publication date: 22-Apr-2022
https://dl.acm.org/doi/10.4018/IJISMD.297629
Wu YHe LShan YZhang PHe MYang Z(2020)TrustyShare: A Sharing Scheme using ARM TrustZone2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom50675.2020.00239(1741-1747)Online publication date: Dec-2020
https://doi.org/10.1109/TrustCom50675.2020.00239
Lee SJo HChoi WKim HPark JLee D(2020)Fine-Grained Access Control-Enabled Logging Method on ARM TrustZoneIEEE Access10.1109/ACCESS.2020.29914318(81348-81364)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.2991431
Busch MSchlenk RHeckel H(2019)TEEMoProceedings of the 4th Workshop on System Software for Trusted Execution10.1145/3342559.3365339(1-6)Online publication date: 27-Oct-2019
https://dl.acm.org/doi/10.1145/3342559.3365339

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Demystifying Arm TrustZone: A Comprehensive Survey

TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone

Secure Block Device -- Secure, Flexible, and Efficient Data Storage for ARM TrustZone Systems

Comments

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Recommendations

Demystifying Arm TrustZone: A Comprehensive Survey

TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone

Secure Block Device -- Secure, Flexible, and Efficient Data Storage for ARM TrustZone Systems

Comments

Information

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations