On the difficulty of software-based attestation of embedded devices

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2009, Pages 400-409

  Castelluccia, Claude ^a   Francillon, Aurélien ^a   Perito, Daniele ^a   Soriente, Claudio ^b  

^a INRIA RHÔNE ALPES   (France)

^b UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

Code compression; Embedded systems; Indisputable code execution; Return oriented programming; Software based attestation; SWATT; Wireless sensor networks

Indexed keywords

ACCESS DEVICES; CODE COMPRESSION; CODE EXECUTION; DEDICATED HARDWARE; EMBEDDED DEVICE; FREE SPACE; MALICIOUS CODES; PROGRAMMING SOFTWARE; RETURN-ORIENTED PROGRAMMING; SECURITY PROTOCOLS; SOFTWARE-BASED; TIME CONSTRAINTS;

EMBEDDED SOFTWARE; EMBEDDED SYSTEMS; NETWORK PROTOCOLS; NETWORK SECURITY; SENSOR NETWORKS; WIRELESS TELECOMMUNICATION SYSTEMS;

WIRELESS SENSOR NETWORKS;

EID: 74049112175     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1653662.1653711     Document Type: Conference Paper

References (33)

1. ABADI, M., BUDIU, M., ERLINGSSON, U., AND LIGATTI, J. Control-flow integrity. In CCS '05: Proceedings of the 12th ACM conference on Computer and Communications Security (2005), ACM.
2. ANDERSON, R., AND KUHN, M. Tamper resistance - a cautionary note. In In Proceedings of the Second Usenix Workshop on Electronic Commerce (1996).
3. ATMEL CORPORATION. Atmega128 datasheet. http://www.atmel.com/atmel/acrobat/doc2467.pdf.
4. BUCHANAN, E., ROEMER, R., SHACHAM, H., AND SAVAGE, S. When good instructions go bad: generalizing return-oriented programming to RISC. In Proceedings of CCS '08 (2008), ACM.
5. CHOI, Y.-G., KANG, J., AND NYANG, D. Proactive code verification protocol in wireless sensor network. In ICCSA (2007), O. Gervasi and M. L. Gavrilova, Eds., vol. 4706 of Lecture Notes in Computer Science, Springer.
6. COOPRIDER, N., ARCHER, W., EIDE, E., GAY, D., AND REGEHR, J. Efficient memory safety for TinyOS. In SenSys '07 (2007), ACM.
7. ENGLAND, P., LAMPSON, B., MANFERDELLI, J., PEINADO, M., AND WILLMAN, B. A trusted open platform. Computer 36, 7 (2003).
8. FERGUSON, C., GU, Q., AND SHI, H. Self-healing control flow protection in sensor applications. In WiSec '09 (2009), ACM.
9. FRANCILLON, A., AND CASTELLUCCIA, C. Code injection attacks on Harvard-architecture devices. In ACM Conference on Computer and Communications Security (2008), P. Ning, P. F. Syverson, and S. Jha, Eds., ACM.
10. GOODSPEED, T. Exploiting wireless sensor networks over 802.15.4. In Texas Instruments Developper Conference (2008).
11. GU, Q., AND NOORANI, R. Towards self-propagate mal-packets in sensor networks. In WiSec (2008), ACM.
12. HOGLUND, G., AND BUTLER, J. Rootkits : Subverting the Windows Kernel. Addison-Wesley, 2005.
13. HU, W., CORKE, P., SHIH, W. C., AND OVERS, L. secfleck: A public key technology platform for wireless sensor networks. In EWSN (2009), vol. 5432 of Lecture Notes in Computer Science, Springer.
14. HUFFMAN, D.A. A method for the constructionof minimum redundancy codes. Proceedings of the IRE 40 (1962).
15. HUND, R., HOLZ, T., AND FREILING, F. C. Return-oriented rootkits: Bypassing kernel code integrity protection mechanisms. In Proceedings of the 18th USENIX Security Symposium (August 2009).
16. KENNELL, R., AND JAMIESON, L. H. Establishing the genuinity of remote computer systems. In SSYM'03: Proceedings of the 12th conference on USENIX Security Symposium (Berkeley, CA, USA, 2003), USENIX Association, pp. 21-21.
17. KLIMOV, A., AND SHAMIR, A. New cryptographic primitives based on multiword t-functions. In Fast Software Encryption, 11th International Workshop, FSE 2004 (2004).
18. KRAHMER, S. x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique. Tech. rep., suse, September 2005. available at http://www.suse.de/ krahmer/no-nx.pdf.
19. KUO, C., LUK, M., NEGI, R., AND PERRIG, A. Message-in-a-bottle: user-friendly and secure key deployment for sensor nodes. In SenSys '07: Proceedings of the 5th international conference on Embedded networked sensor systems (2007), ACM.
20. NERGAL. The advanced return-into-lib(c) exploits (pax case study). Phrack Magazine 58, 4 (2001). http://www.phrack.org/issues.html? issue=58&id=4.
21. PARK, T., AND SHIN, K. G. Soft tamper-proofing via program integrity verification in wireless sensor networks. IEEE Trans. Mob. Comput. 4, 3 (2005).
22. SESHADRI, A., LUK, M., AND PERRIG, A. SAKE: Software attestation for key establishment in sensor networks. In DCOSS '08: Proceedings of the 4th IEEE international conference on Distributed Computing in Sensor Systems (2008).
23. SESHADRI, A., LUK, M., PERRIG, A., VAN DOORN, L., AND KHOSLA, P. SCUBA: Secure code update by attestation in sensor networks. In WiSe '06: Proceedings of the 5th ACM workshop on Wireless security (2006), ACM.
24. SESHADRI, A., LUK, M., SHI, E., PERRIG, A., VAN DOORN, L., AND KHOSLA, P. Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. In SOSP '05: Proceedings of the twentieth ACM symposium on Operating systems principles (2005), ACM.
25. SESHADRI, A., PERRIG, A., VAN DOORN, L., AND KHOSLA, P. Using SWATT for verifying embedded systems in cars. In Proceedings of Embedded Security in Cars Workshop (ESCAR 2004) (Nov. 2004).
26. SESHADRI, A., PERRIG, A., VAN DOORN, L., AND KHOSLA, P. K. SWATT: SoftWare-based ATTestation for embedded devices. In IEEE Symposium on Security and Privacy (2004), IEEE Computer Society.
27. SHACHAM, H. The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In Proceedings of CCS 2007 (2007), ACM.
28. SHANECK, M., MAHADEVAN, K., KHER, V., AND KIM, Y. Remote software-based attestation for wireless sensors. In ESAS (2005).
29. SHANKAR, U., CHEW, M., AND TYGAR, J. D. Side effects are not sufficient to authenticate software. In Proceedings of the 13th USENIX Security Symposium (August 2004).
30. SOLAR DESIGNER. return-to-libc attack. Bugtraq mailing list, August 1997.
31. TEXAS INSTRUMENTS. Msp430 f1611 datasheet.
32. YANG, X., COOPRIDER, N., AND REGEHR, J. Eliminating the call stack to save ram. In To appear in LCTES 2009 (June 2009), ACM.
33. YANG, Y., WANG, X., ZHU, S., AND CAO, G. Distributed software-based attestation for node compromise detection in sensor networks. In SRDS (2007), IEEE Computer Society.