Scrutinizing Code Signing: A Study of in-Depth Threat Modeling and Defense Mechanism


Abstract:

Abuse of code signing has garnered attention from security researchers, as evidenced by threat modeling efforts targeting the public key infrastructure trust infrastructure of code signing and empirical studies examining issues surrounding the revocation of code signing certificates. However, current research on code signing remains inadequate in bridging the gap between attack strategies and defensive measures. This shortfall is primarily due to the predominant focus on quantitative measurements in academic studies, often at the expense of a thorough analysis of the underlying code signing mechanisms. Moreover, the misalignment of some threat models and measurement outcomes with real-world attack scenarios further hampers efforts to enhance defenses against code signing abuse. To the best of our knowledge, this article represents the first comprehensive and in-depth analysis of code signing security from both offensive and defensive perspectives. Commencing with a profound understanding of code signing and its verification mechanisms, we constructed an integrated threat model encompassing eight typical attack patterns and distilled a set of critical security properties that directly influence the security of code signing. Proceeding from this foundation, we systematically reviewed and analyzed various defensive strategies associated with these security properties, meticulously discussing their strengths, limitations, and the specific attack types they effectively defend against or mitigate. Lastly, this article conducts a risk statistical analysis based on actual security incidents, with the related results directly impacting the prioritization of defensive mechanism deployments. This ensures, at a practical level, the effectiveness and relevance of the defense strategies implemented.
Published in: IEEE Internet of Things Journal (Volume: 11, Issue: 24, 15 December 2024)
Page(s): 40051 - 40069
Date of Publication: 26 August 2024
