DRSA: Debug Register-Based Self-relocating Attack Against Software-Based Remote Authentication

  • Conference paper
Blockchain Technology and Emerging Applications (BlockTEA 2023)

Abstract

Remote attestation (RA) is an essential feature in many security protocols to verify the memory integrity of remote embedded (IoT) devices. Several RA techniques have been proposed to verify the remote device binary at the time when a checksum function is executed over a specific memory region. A self-relocating malware may try to move itself to avoid being “caught” by the checksum function because the attestation provides no information about the device binary before the current checksum function execution or between consecutive checksum function executions. Several software-based approaches that lack dedicated hardware rely on detecting the extra latency incurred by the moving process of self-relocating malware by setting tight time constraints. In this paper, we demonstrate the shortcomings of existing software-based approaches by presenting Debug Register-based Self-relocating Attack (DRSA). DRSA monitors the execution of the checksum function using the debug registers and erases itself before the next attestation. Our evaluation demonstrates that DRSA incurs low overhead, and it is extremely difficult for the verifier to detect it.



Corresponding author

Correspondence to Yuanzhang Li.

Copyright information

© 2024 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Zhang, Z. et al. (2024). DRSA: Debug Register-Based Self-relocating Attack Against Software-Based Remote Authentication. In: Chen, J., Xia, Z. (eds) Blockchain Technology and Emerging Applications. BlockTEA 2023. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 577. Springer, Cham. https://doi.org/10.1007/978-3-031-60037-1_2

  • DOI: https://doi.org/10.1007/978-3-031-60037-1_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-60036-4

  • Online ISBN: 978-3-031-60037-1

  • eBook Packages: Computer Science, Computer Science (R0)
