skip to main content
10.1145/2557977.2558002acmconferencesArticle/Chapter ViewAbstractPublication PagesicuimcConference Proceedingsconference-collections
research-article

Design and implementation of an efficient framework for behaviour attestation using n-call slides

Published: 09 January 2014 Publication History

Abstract

We present design and implementation of behaviour based attestation of an enterprise centric application. Remote attestation is used to measure the trustworthiness of the target platform. Some of the techniques proposed in the past are hash based which are efficient but could not measure malicious behaviour of an application caused by buffer overflow attacks or misconfigured by end user. To tackle these attacks the runtime dynamic behaviour of the target application should be measured and verified. In this regard, behaviour based attestation techniques are proposed but they have problems of efficiency and verification at the challenger end. In this research, we have designed and implemented an architecture of sliding windows of system calls which reduces measurement of the application's behaviour and is successfully able to identify trustworthiness of the target application. We have reproduced the previous system calls based techniques and compared the results with our work to prove the performance improvements.

References

[1]
Project: Dynamic Behavioral Attestation for Mobile Platforms. http://serg.imsciences.edu.pk/projects/dbamp/.
[2]
Alam, M., Zhang, X., Nauman, M., and Ali, T. Behavioral Attestation for Web Services (BA4WS). In SWS'08: Proceedings of the ACM Workshop on Secure Web Services (SWS) located at 15th ACM Conference on Computer and Communications Security (CCS-15) (New York, NY, USA, 2008), ACM Press.
[3]
Alam, M., Zhang, X., Nauman, M., Ali, T., and Seifert, J.-P. Model-based Behavioral Attestation. In SACMAT '08: Proceedings of the thirteenth ACM symposium on Access control models and technologies. (New York, NY, USA, 2008), ACM Press.
[4]
Ali, T., Nauman, M., and Alam, M. Scalable Remote Attestation with Privacy Protection. In InTrust'09: Proceedings of the International Conference on Trusted Systems (2009), Springer.
[5]
Ali, T., Nauman, M., and Zhang, X. On leveraging stochastic models for remote attestation. In Trusted Systems. Springer, 2011, pp. 290--301.
[6]
Chen, L., Landfermann, R., Löhr, H., Rohe, M., Sadeghi, A.-R., and Stüble, C. A protocol for property-based attestation. In Proceedings of the first ACM workshop on Scalable trusted computing (2006), ACM, pp. 7--16.
[7]
Davi, L., Sadeghi, A., and Winandy, M. Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks. In Proceedings of the 2009 ACM workshop on Scalable trusted computing (2009), ACM, pp. 49--54.
[8]
Fawcett, T. An introduction to roc analysis. Pattern recognition letters 27, 8 (2006), 861--874.
[9]
GNU. Gnu Not Unix, 2013. http://www.gnu.org.philosophy.free-sw.html.
[10]
Gu, L., Cheng, Y., Ding, X., Deng, R., Guo, Y., and Shao, W. Remote Attestation on Function Execution. In InTrust'09: Proceedings of the 2009 International Conference on Trusted Systems (2009).
[11]
Gu, L., Ding, X., Deng, R., Xie, B., and Mei, H. Remote Attestation on Program Execution. In STC '08: Proceedings of the 2008 ACM Workshop on Scalable Trusted Computing (New York, NY, USA, 2008), ACM.
[12]
Haldar, V., Chandra, D., and Franz, M. Semantic Remote Attestation -- A Virtual Machine directed approach to Trusted Computing. In. Proc. of the Third Virtual Machine Research and Technology Symposium USENIX 2004 (2004).
[13]
Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., and Witten, I. The WEKA data mining software: An update. ACM SIGKDD Explorations Newsletter 11, 1 (2009), 10--18.
[14]
Jaeger, T., Sailer, R., and Shankar, U. PRIMA: Policy-Reduced Integrity Measurement Architecture. In SACMAT '06: Proceedings of the eleventh ACM Symposium on Access Control Models and Technologies (New York, NY, USA, 2006), ACM Press, pp. 19--28.
[15]
Li, X.-Y., xiang Shen, C., and Zuo, X.-D. An Efficient Attestation for Trustworthiness of Computing Platform. In IIH-MSP (2006), pp. 625--630.
[16]
Loscocco, P. A., Wilson, P. W, Pendergrass, J. A., and McDonell, C. D. Linux Kernel Integrity Measurement Using Contextual Inspection. In STC '07: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing (New York, NY, USA, 2007), ACM, pp. 21--29.
[17]
Lyle, J. Trustable Remote Verification of Web Services. In Trusted Computing: Second International Conference on Trusted Computing, Trust 2009 Oxford, UK, April 6--8, 2009 Proceedings (2009), Springer London, Limited, p. 153.
[18]
Nauman, M., Alam, M., Ali, T., and Zhang, X. Remote Attestation of Attribute Updates and Information Flows in a UCON System. In Trust'09: Proceedings of the Second International Conference on Technical and Socio-Economic Aspects of Trusted Computing (2009), Springer, pp. 63--80.
[19]
NSA. Security-Enhanced Linux (SELinux), 2010. Available at: http://www.nsa.gov/selinux/.
[20]
Poritz, J., Schunter, M., Herreweghen, E. V., and Waidner, M. Property Attestation -- Scalable and Privacy-friendly Security Assessment of Peer Computers. In IBM Research Report RZ 3548 (# 99559) 05/10/2004.
[21]
Sadeghi, A.-R., and Stüble, C. Property-based Attestation for Computing Platforms: Caring about Properties, not Mechanisms. In NSPW '04: Proceedings of the 2004 Workshop on New Security Paradigms (New York, NY, USA, 2004), ACM Press, pp. 67--77.
[22]
Sailer, R., Jaeger, T., Zhang, X., and van Doorn, L. Attestation-based Policy Enforcement for Remote Access. In CCS '04: Proceedings of the 11th ACM conference on Computer and communications security (New York, NY, USA, 2004), ACM Press, pp. 308--317.
[23]
Sailer, R., Zhang, X., Jaeger, T., and van Doorn, L. Design and Implementation of a TCG-based Integrity Measurement Architecture. In SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium (2004).
[24]
Shacham, H. The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). In Proceedings of the 14th ACM conference on Computer and Communications Security (CCS'08) (2007), ACM New York, NY, USA, pp. 552--561.
[25]
Sheehy, J., Coker, G., Guttman, J., Loscocco, P., Herzog, A., Millen, J., Monk, L., Ramsdell, J., and Sniffen, B. Attestation: Evidence and trust. Mitre Technical Paper, March (2007).
[26]
Stumpf, F., Fuchs, A., Katzenbeisser, S., and Eckert, C. Improving the scalability of platform attestation. In STC '08: Proceedings of the 3rd ACM workshop on Scalable trusted computing (New York, NY, USA, 2008), ACM, pp. 1--10. http://doi.acm.org/10.1145/1456455.1456457.
[27]
TCG. TCG Specification Architecture Overview v1.2, page 11--12. Tech. rep., Trusted Computing Group, April 2004.
[28]
techcrunch. Tech Chrunch, 2012. http://tinyurl.com/cd63fua.
[29]
veracode. Veracode, state of the software security report, 2013. https://www.veracode.com/images/pdf/soss/state-of-software-security-report-volume5.pdf.
[30]
Yoshihama, S., Ebringer, T, Nakamura, M., Munetoh, S., Mishina, T, and Maruyama, H. WS-Attestation: Enabling Trusted Computing on Web Services. Test and Analysis of Web Services (2007), 441--469.

Cited By

View all
  • (2024)LightFAt: Mitigating Control-Flow Explosion via Lightweight PMU-Based Control-Flow Attestation2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)10.1109/HOST55342.2024.10545348(222-226)Online publication date: 6-May-2024
  • (2021)Evaluation of Transformation Tools in the Context of NoSQL DatabasesIntelligent Systems and Applications10.1007/978-3-030-82196-8_12(146-165)Online publication date: 3-Aug-2021
  • (2020)BlockU: Extended usage control in and for BlockchainExpert Systems10.1111/exsy.1250737:3Online publication date: 20-Jan-2020
  • Show More Cited By

Index Terms

  1. Design and implementation of an efficient framework for behaviour attestation using n-call slides

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      ICUIMC '14: Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication
      January 2014
      757 pages
      ISBN:9781450326445
      DOI:10.1145/2557977
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 09 January 2014

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. dynamic behaviuor
      2. remote attestation
      3. security
      4. trusted computing

      Qualifiers

      • Research-article

      Conference

      ICUIMC '14
      Sponsor:

      Acceptance Rates

      ICUIMC '14 Paper Acceptance Rate 116 of 407 submissions, 29%;
      Overall Acceptance Rate 251 of 941 submissions, 27%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)0
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 08 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2024)LightFAt: Mitigating Control-Flow Explosion via Lightweight PMU-Based Control-Flow Attestation2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)10.1109/HOST55342.2024.10545348(222-226)Online publication date: 6-May-2024
      • (2021)Evaluation of Transformation Tools in the Context of NoSQL DatabasesIntelligent Systems and Applications10.1007/978-3-030-82196-8_12(146-165)Online publication date: 3-Aug-2021
      • (2020)BlockU: Extended usage control in and for BlockchainExpert Systems10.1111/exsy.1250737:3Online publication date: 20-Jan-2020
      • (2018)Design and implementation of an attestation protocol for measured dynamic behaviorThe Journal of Supercomputing10.1007/s11227-017-2054-274:11(5746-5773)Online publication date: 1-Nov-2018
      • (2017)EVINCED: Integrity Verification Scheme for Embedded Systems Based on Time and Clock Cycles2017 IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech)10.1109/DASC-PICom-DataCom-CyberSciTec.2017.135(788-795)Online publication date: Nov-2017
      • (2017)Trust in IoT: dynamic remote attestation through efficient behavior captureCluster Computing10.1007/s10586-017-0877-521:1(409-421)Online publication date: 27-Apr-2017
      • (2016)Providing efficient, scalable and privacy preserved verification mechanism in remote attestation2016 International Conference on Information and Communication Technology (ICICTM)10.1109/ICICTM.2016.7890807(236-245)Online publication date: 2016
      • (2016)Efficient, Scalable and Privacy Preserving Application Attestation in a Multi Stakeholder ScenarioComputational Science and Its Applications -- ICCSA 201610.1007/978-3-319-42089-9_29(407-421)Online publication date: 1-Jul-2016
      • (2015)Towards Secure Instance Migration in the Cloud2015 International Conference on Cloud Computing (ICCC)10.1109/CLOUDCOMP.2015.7149664(1-6)Online publication date: Apr-2015

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media