research-article

Design and implementation of an efficient framework for behaviour attestation using n-call slides

Authors:

Toqeer Ali Syed,

Shahrulniza MusaAuthors Info & Claims

ICUIMC '14: Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication

Article No.: 36, Pages 1 - 8

https://doi.org/10.1145/2557977.2558002

Published: 09 January 2014 Publication History

Abstract

We present design and implementation of behaviour based attestation of an enterprise centric application. Remote attestation is used to measure the trustworthiness of the target platform. Some of the techniques proposed in the past are hash based which are efficient but could not measure malicious behaviour of an application caused by buffer overflow attacks or misconfigured by end user. To tackle these attacks the runtime dynamic behaviour of the target application should be measured and verified. In this regard, behaviour based attestation techniques are proposed but they have problems of efficiency and verification at the challenger end. In this research, we have designed and implemented an architecture of sliding windows of system calls which reduces measurement of the application's behaviour and is successfully able to identify trustworthiness of the target application. We have reproduced the previous system calls based techniques and compared the results with our work to prove the performance improvements.

References

[1]

Project: Dynamic Behavioral Attestation for Mobile Platforms. http://serg.imsciences.edu.pk/projects/dbamp/.

[2]

Alam, M., Zhang, X., Nauman, M., and Ali, T. Behavioral Attestation for Web Services (BA4WS). In SWS'08: Proceedings of the ACM Workshop on Secure Web Services (SWS) located at 15th ACM Conference on Computer and Communications Security (CCS-15) (New York, NY, USA, 2008), ACM Press.

Digital Library

[3]

Alam, M., Zhang, X., Nauman, M., Ali, T., and Seifert, J.-P. Model-based Behavioral Attestation. In SACMAT '08: Proceedings of the thirteenth ACM symposium on Access control models and technologies. (New York, NY, USA, 2008), ACM Press.

Digital Library

[4]

Ali, T., Nauman, M., and Alam, M. Scalable Remote Attestation with Privacy Protection. In InTrust'09: Proceedings of the International Conference on Trusted Systems (2009), Springer.

Digital Library

[5]

Ali, T., Nauman, M., and Zhang, X. On leveraging stochastic models for remote attestation. In Trusted Systems. Springer, 2011, pp. 290--301.

Digital Library

[6]

Chen, L., Landfermann, R., Löhr, H., Rohe, M., Sadeghi, A.-R., and Stüble, C. A protocol for property-based attestation. In Proceedings of the first ACM workshop on Scalable trusted computing (2006), ACM, pp. 7--16.

Digital Library

[7]

Davi, L., Sadeghi, A., and Winandy, M. Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks. In Proceedings of the 2009 ACM workshop on Scalable trusted computing (2009), ACM, pp. 49--54.

Digital Library

[8]

Fawcett, T. An introduction to roc analysis. Pattern recognition letters 27, 8 (2006), 861--874.

Digital Library

[9]

GNU. Gnu Not Unix, 2013. http://www.gnu.org.philosophy.free-sw.html.

[10]

Gu, L., Cheng, Y., Ding, X., Deng, R., Guo, Y., and Shao, W. Remote Attestation on Function Execution. In InTrust'09: Proceedings of the 2009 International Conference on Trusted Systems (2009).

Digital Library

[11]

Gu, L., Ding, X., Deng, R., Xie, B., and Mei, H. Remote Attestation on Program Execution. In STC '08: Proceedings of the 2008 ACM Workshop on Scalable Trusted Computing (New York, NY, USA, 2008), ACM.

Digital Library

[12]

Haldar, V., Chandra, D., and Franz, M. Semantic Remote Attestation -- A Virtual Machine directed approach to Trusted Computing. In. Proc. of the Third Virtual Machine Research and Technology Symposium USENIX 2004 (2004).

Digital Library

[13]

Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., and Witten, I. The WEKA data mining software: An update. ACM SIGKDD Explorations Newsletter 11, 1 (2009), 10--18.

Digital Library

[14]

Jaeger, T., Sailer, R., and Shankar, U. PRIMA: Policy-Reduced Integrity Measurement Architecture. In SACMAT '06: Proceedings of the eleventh ACM Symposium on Access Control Models and Technologies (New York, NY, USA, 2006), ACM Press, pp. 19--28.

Digital Library

[15]

Li, X.-Y., xiang Shen, C., and Zuo, X.-D. An Efficient Attestation for Trustworthiness of Computing Platform. In IIH-MSP (2006), pp. 625--630.

Digital Library

[16]

Loscocco, P. A., Wilson, P. W, Pendergrass, J. A., and McDonell, C. D. Linux Kernel Integrity Measurement Using Contextual Inspection. In STC '07: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing (New York, NY, USA, 2007), ACM, pp. 21--29.

Digital Library

[17]

Lyle, J. Trustable Remote Verification of Web Services. In Trusted Computing: Second International Conference on Trusted Computing, Trust 2009 Oxford, UK, April 6--8, 2009 Proceedings (2009), Springer London, Limited, p. 153.

Digital Library

[18]

Nauman, M., Alam, M., Ali, T., and Zhang, X. Remote Attestation of Attribute Updates and Information Flows in a UCON System. In Trust'09: Proceedings of the Second International Conference on Technical and Socio-Economic Aspects of Trusted Computing (2009), Springer, pp. 63--80.

Digital Library

[19]

NSA. Security-Enhanced Linux (SELinux), 2010. Available at: http://www.nsa.gov/selinux/.

[20]

Poritz, J., Schunter, M., Herreweghen, E. V., and Waidner, M. Property Attestation -- Scalable and Privacy-friendly Security Assessment of Peer Computers. In IBM Research Report RZ 3548 (# 99559) 05/10/2004.

[21]

Sadeghi, A.-R., and Stüble, C. Property-based Attestation for Computing Platforms: Caring about Properties, not Mechanisms. In NSPW '04: Proceedings of the 2004 Workshop on New Security Paradigms (New York, NY, USA, 2004), ACM Press, pp. 67--77.

Digital Library

[22]

Sailer, R., Jaeger, T., Zhang, X., and van Doorn, L. Attestation-based Policy Enforcement for Remote Access. In CCS '04: Proceedings of the 11th ACM conference on Computer and communications security (New York, NY, USA, 2004), ACM Press, pp. 308--317.

Digital Library

[23]

Sailer, R., Zhang, X., Jaeger, T., and van Doorn, L. Design and Implementation of a TCG-based Integrity Measurement Architecture. In SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium (2004).

Digital Library

[24]

Shacham, H. The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). In Proceedings of the 14th ACM conference on Computer and Communications Security (CCS'08) (2007), ACM New York, NY, USA, pp. 552--561.

Digital Library

[25]

Sheehy, J., Coker, G., Guttman, J., Loscocco, P., Herzog, A., Millen, J., Monk, L., Ramsdell, J., and Sniffen, B. Attestation: Evidence and trust. Mitre Technical Paper, March (2007).

[26]

Stumpf, F., Fuchs, A., Katzenbeisser, S., and Eckert, C. Improving the scalability of platform attestation. In STC '08: Proceedings of the 3rd ACM workshop on Scalable trusted computing (New York, NY, USA, 2008), ACM, pp. 1--10. http://doi.acm.org/10.1145/1456455.1456457.

Digital Library

[27]

TCG. TCG Specification Architecture Overview v1.2, page 11--12. Tech. rep., Trusted Computing Group, April 2004.

[28]

techcrunch. Tech Chrunch, 2012. http://tinyurl.com/cd63fua.

[29]

veracode. Veracode, state of the software security report, 2013. https://www.veracode.com/images/pdf/soss/state-of-software-security-report-volume5.pdf.

[30]

Yoshihama, S., Ebringer, T, Nakamura, M., Munetoh, S., Mishina, T, and Maruyama, H. WS-Attestation: Enabling Trusted Computing on Web Services. Test and Analysis of Web Services (2007), 441--469.

Cited By

Gonzalez-Gomez JNassar HBauer LHenkel J(2024)LightFAt: Mitigating Control-Flow Explosion via Lightweight PMU-Based Control-Flow Attestation2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)10.1109/HOST55342.2024.10545348(222-226)Online publication date: 6-May-2024
https://doi.org/10.1109/HOST55342.2024.10545348
Hahn SChereja IMatei O(2021)Evaluation of Transformation Tools in the Context of NoSQL DatabasesIntelligent Systems and Applications10.1007/978-3-030-82196-8_12(146-165)Online publication date: 3-Aug-2021
https://doi.org/10.1007/978-3-030-82196-8_12
Khan YAli TFariz MMoreira FBranco FMartins JGonçalves R(2020)BlockU: Extended usage control in and for BlockchainExpert Systems10.1111/exsy.1250737:3Online publication date: 20-Jan-2020
https://doi.org/10.1111/exsy.12507
Show More Cited By

Index Terms

Design and implementation of an efficient framework for behaviour attestation using n-call slides
1. Security and privacy
  1. Systems security
    1. Information flow control
    2. Operating systems security

Recommendations

Analysis of existing remote attestation techniques

This paper has been written as a part of the research project that is working towards the implementation of dynamic behavioral attestation for mobile platforms. The motivation behind this paper was to analyze the existing remote attestation techniques ...
Model-Driven Remote Attestation: Attesting Remote System from Behavioral Aspect
ICYCS '08: Proceedings of the 2008 The 9th International Conference for Young Computer Scientists

Remote attestation was introduced in TCG specificationsto determine whether a remote system is trusted to behavein a particular manner for a specific purpose; however,most of the existing approaches attest only the integritystate of a remote system and ...
Credibility Attestation of Property Remote Attestation Method
FITME '09: Proceedings of the 2009 Second International Conference on Future Information Technology and Management Engineering

During the realizing process of remote attestation, except for using trusted computing technology to protect physical security, storage security and operation security of certifier, cipher mechanism need to be combined to ensure the credibility of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ICUIMC '14: Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication

January 2014

757 pages

ISBN:9781450326445

DOI:10.1145/2557977

Conference Chairs:
Dongsoo S. Kim
Indiana University
,
Sang-Wook Kim
Hanyang University, Korea
,
General Chairs:
Suk-Han Lee
Sungkyunkwan University
,
Korea Lajos Hanzo
University of Southampton, UK
,
Roslan Ismail
Universiti Kuala Lumpur, Malaysia

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGAPP: ACM Special Interest Group on Applied Computing
SKKU: SUNGKYUNKWAN UNIVERSITY

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 January 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ICUIMC '14

Sponsor:

SIGAPP
SKKU

ICUIMC '14: The 8th International Conference on Ubiquitous Information Management and Communication

January 9 - 11, 2014

Siem Reap, Cambodia

Acceptance Rates

ICUIMC '14 Paper Acceptance Rate 116 of 407 submissions, 29%;

Overall Acceptance Rate 251 of 941 submissions, 27%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
108
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 11 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Gonzalez-Gomez JNassar HBauer LHenkel J(2024)LightFAt: Mitigating Control-Flow Explosion via Lightweight PMU-Based Control-Flow Attestation2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)10.1109/HOST55342.2024.10545348(222-226)Online publication date: 6-May-2024
https://doi.org/10.1109/HOST55342.2024.10545348
Hahn SChereja IMatei O(2021)Evaluation of Transformation Tools in the Context of NoSQL DatabasesIntelligent Systems and Applications10.1007/978-3-030-82196-8_12(146-165)Online publication date: 3-Aug-2021
https://doi.org/10.1007/978-3-030-82196-8_12
Khan YAli TFariz MMoreira FBranco FMartins JGonçalves R(2020)BlockU: Extended usage control in and for BlockchainExpert Systems10.1111/exsy.1250737:3Online publication date: 20-Jan-2020
https://doi.org/10.1111/exsy.12507
Ali TIsmail RMusa SNauman MKhan S(2018)Design and implementation of an attestation protocol for measured dynamic behaviorThe Journal of Supercomputing10.1007/s11227-017-2054-274:11(5746-5773)Online publication date: 1-Nov-2018
https://dl.acm.org/doi/10.1007/s11227-017-2054-2
Castro CCamara SCarmo LBoccardo D(2017)EVINCED: Integrity Verification Scheme for Embedded Systems Based on Time and Clock Cycles2017 IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech)10.1109/DASC-PICom-DataCom-CyberSciTec.2017.135(788-795)Online publication date: Nov-2017
https://doi.org/10.1109/DASC-PICom-DataCom-CyberSciTec.2017.135
Ali TNauman MJan S(2017)Trust in IoT: dynamic remote attestation through efficient behavior captureCluster Computing10.1007/s10586-017-0877-521:1(409-421)Online publication date: 27-Apr-2017
https://doi.org/10.1007/s10586-017-0877-5
Syed TJan SMusa SAli J(2016)Providing efficient, scalable and privacy preserved verification mechanism in remote attestation2016 International Conference on Information and Communication Technology (ICICTM)10.1109/ICICTM.2016.7890807(236-245)Online publication date: 2016
https://doi.org/10.1109/ICICTM.2016.7890807
Ali TAli JAli TNauman MMusa S(2016)Efficient, Scalable and Privacy Preserving Application Attestation in a Multi Stakeholder ScenarioComputational Science and Its Applications -- ICCSA 201610.1007/978-3-319-42089-9_29(407-421)Online publication date: 1-Jul-2016
https://doi.org/10.1007/978-3-319-42089-9_29
Syed TMusa SRahman AJan S(2015)Towards Secure Instance Migration in the Cloud2015 International Conference on Cloud Computing (ICCC)10.1109/CLOUDCOMP.2015.7149664(1-6)Online publication date: Apr-2015
https://doi.org/10.1109/CLOUDCOMP.2015.7149664

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents