Software-based Code Attestation for Wireless Sensors.

Slides:



Advertisements
Similar presentations
Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.
Advertisements

Using Instruction Block Signatures to Counter Code Injection Attacks Milena Milenković, Aleksandar Milenković, Emil Jovanov The University of Alabama in.
GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.
Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.
Dr. XiaoFeng Wang Spring 2006 Packet Vaccine: Black-box Exploit Detection and Signature Generation XiaoFeng Wang, Zhuowei Li Jun Xu, Mike Reiter Chongkyung.
The Sybil Attack in Sensor Networks: Analysis & Defenses J. Newsome, E. Shi, D. Song and A. Perrig IPSN’04.
1 Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code (DOME) Subha Ramanathan & Arun Krishnamurthy Nov 15, 2005.
Preventing Reverse Engineering by Obfuscating Bharath Kumar.
Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.
Chapter 5 Anti-Anti-Virus. Anti-Anti-Virus  All viruses self-replicate  Anti-anti-virus means it’s “openly hostile” to AV  Anti-anti-virus techniques?
Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.
Remote Software-based Attestation for Wireless Sensors July 13, 2005 Mark Shaneck, Karthikeyan Mahadevan Vishal Kher, Yongdae Kim Department of Computer.
Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Virtual Machine Security Design of Secure Operating Systems Summer 2012 Presented By: Musaad Alzahrani.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Outcomes What is RPC? The difference between conventional procedure call and RPC? Understand the function of client and server stubs How many steps could.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Towards Application Security On Untrusted OS
1 Pioneer: Dynamic Root of Trust for Measurement and Verifiable Executable Invocation Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig (CMU), Leendert.
Starting Out with C++: Early Objects 5/e © 2006 Pearson Education. All Rights Reserved Starting Out with C++: Early Objects 5 th Edition Chapter 1 Introduction.
Host Intrusion Prevention Systems & Beyond
2  Problem Definition  Project Purpose – Building Obfuscator  Obfuscation Quality  Obfuscation Using Opaque Predicates  Future Planning.
Buffer Overflow Attacks. Memory plays a key part in many computer system functions. It’s a critical component to many internal operations. From mother.
Leveraging State Information for Automated Attack Discovery In Transport Protocol Implementations Samuel Jero, Hyojeong Lee, and Cristina Nita-Rotaru Purdue.
Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.
InterSwyft Technology presentation. Introduction InterSwyft brings secured encrypted transmission of SMS messages for internal and external devices such.
Trusted Computing Technologies for Embedded Systems and Sensor Networks Adrian Perrig Carnegie Mellon University.
Mark W. Propst Scientific Research Corporation.  Attack Motivations  Vulnerability Classification  Traffic Pattern Analysis  Testing Barriers  Concluding.
Jarhead Analysis and Detection of Malicious Java Applets Johannes Schlumberger, Christopher Kruegel, Giovanni Vigna University of California Annual Computer.
Reliability of Wireless Sensors with Code Attestation for Intrusion Detection Presented by: Yating Wang.
CSC 125 Introduction to C++ Programming Chapter 1 Introduction to Computers and Programming.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
Network and Internet Security SYSTEM SECURITY. Virus Countermeasures Antivirus approach ◦Ideal solution: Prevention ◦Not allowing the virus to infect.
Secure Localization Algorithms for Wireless Sensor Networks proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco.
Address Space Layout Permutation
Software Project Management
Virtual Machine Security Systems Presented by Long Song 08/01/2013 Xin Zhao, Kevin Borders, Atul Prakash.
On the Difficulty of Software-Based Attestation of Embedded Devices Claude Castelluccia Aurélien Francillon Daniele Perito INRIA Rhône-Alpes
Windows PE files Infections and Heuristic Detection Nicolas BRULEZ / Digital River PACSEC '04.
Wireless Security Presented by: Amit Kumar Singh Instructor : Dr. T. Andrew Yang.
Operating system Security By Murtaza K. Madraswala.
Packet Vaccine: Black-box Exploit Detection and Signature Generation
Vigilante: End-to-End Containment of Internet Worms Authors : M. Costa, J. Crowcroft, M. Castro, A. Rowstron, L. Zhou, L. Zhang, and P. Barham In Proceedings.
The Sybil Attack in Sensor Networks: Analysis & Defenses
Christopher Kruegel University of California Engin Kirda Institute Eurecom Clemens Kolbitsch Thorsten Holz Secure Systems Lab Vienna University of Technology.
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.
1 A Secure Access Control Mechanism against Internet Crackers Kenichi Kourai* Shigeru Chiba** *University of Tokyo **University of Tsukuba.
Tufts Wireless Laboratory Tufts University School Of Engineering Real-Time Data Services for Cyber Physical Systems Zhong Zou.
Cryptography and Network Security Sixth Edition by William Stallings.
Information Leaks Without Memory Disclosures: Remote Side Channel Attacks on Diversified Code Jeff Seibert, Hamed Okhravi, and Eric Söderström Presented.
Computer virus Speaker : 蔡尚倫.  Introduction  Infection target  Infection techniques Outline.
Protecting The Kernel Data through Virtualization Technology BY VENKATA SAI PUNDAMALLI id :
Operating System Protection Through Program Evolution Fred Cohen Computers and Security 1992.
Exploiting Instruction Streams To Prevent Intrusion Milena Milenkovic.
Shakeel Rutgers University Vinod Rutgers University Michael M. University of Wisconsin-Madison Chih-Cheng Rutgers University.
Group 9. Exploiting Software The exploitation of software is one of the main ways that a users computer can be broken into. It involves exploiting the.
1 Software Reliability in Wireless Sensor Networks (WSN) -Xiong Junjie
Network Security Terms. Perimeter is the fortified boundary of the network that might include the following aspects: 1.Border routers 2.Firewalls 3.IDSs.
M1G Introduction to Programming 2 2. Creating Classes: Game and Player.
1 Xen and the Art of Binary Modification Lies, Damn Lies, and Page Frame Addresses Greg Cooksey and Nate Rosenblum, March 2007.
MIT/Determina Application Communities, page 1 Approved for Public Release, Distribution Unlimited - Case 9649 Collaborative learning for security and repair.
1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.
Cosc 4765 Antivirus Approaches. In a Perfect world The best solution to viruses and worms to prevent infected the system –Generally considered impossible.
Constraint Framework, page 1 Collaborative learning for security and repair in application communities MIT site visit April 10, 2007 Constraints approach.
Introduction to Information Security
Shielding applications from an untrusted cloud with Haven
Security in SDR & cognitive radio
Presentation transcript:

Software-based Code Attestation for Wireless Sensors

Introduction Securing sensors in critical applications is important Compromise of a sensor can enable attacker to inject false sensing information Compromise of shared keys can enable attacker to compromise secure communications 2

Attestation How to detect compromise? Attest! Ensure that the contents of the memory are unchanged – Detects sensor compromise that involves a modification of the program memory – Compute a checksum of the memory contents 3

Naïve Attestation Model Attestation routine reads memory and computes a checksum Attacker must offset memory reads to avoid detection – Offsets incur measurable delay in execution – Attester can measure execution time to detect compromise 4 MalcodeAttest Unmodified Copy Of Original Program Memory of Sensor

Limitations Suitable for directly connected devices – Slight execution delays can be accurately measured 5

Remote Attestation How can we adapt the attestation model to work in a remote setting? Prevent attacker from analyzing attestation code offline – Send the attestation routine to the sensor – Make it different each time Prevent attacker from modifying attestation code – Use techniques to make it difficult to statically analyze 6

Why Remote Attestation? Is remote attestation really necessary? Physical access to the sensors is not always feasible – Military setting - sensors are located in hostile, enemy territory – Building monitoring - sensors could be located in dangerous/inaccessible locations 7

Building Blocks Randomization Encryption Self-Modifying Code Obfuscation – Opaque Predicates/Pointer Aliasing – Junk Instructions 8

Opaque Predicates Conditions that always evaluate to true or always evaluate to false – Evaluation result is not obvious from static analysis Can be formed through pointer aliasing – known to be an NP-hard problem 9

Junk Instructions Full or partial machine code instructions – Full - distract analysis – Partial - confuse analysis 10

Attestation Protocol 11 Compare Results Measure Response Time Generate Attestation Routine Precompute Result Base Attestation Routine Checksum Result Execute Attestation Routine Sensor

Attestation Routine Overview Randomly step through program memory, adding values to the checksum result Loop repeats O(n log n) times to ensure complete coverage of the memory Routine will incorporate the building blocks to prevent attacks on the routine itself 12

New attacks: – Return oriented programming: does not need to inject malicious code – Manipulate the program stack – Completeness in the libc library – Not complete for sensor OS, but prototype has been demonstrated 13

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.