Evidence Tampering and Chain of Custody in Layered Attestations
- URL: http://arxiv.org/abs/2402.00203v1
- Date: Wed, 31 Jan 2024 21:54:53 GMT
- Title: Evidence Tampering and Chain of Custody in Layered Attestations
- Authors: Ian D. Kretz, Clare C. Parran, John D. Ramsdell, Paul D. Rowe
- Abstract summary: In distributed systems, trust decisions are made on the basis of integrity evidence generated via remote attestation. We present algorithms for identifying all such tampering opportunities for given evidence as well as tampering "strategies" by which an adversary can modify incriminating evidence without being detected. Our efforts are intended to help protocol designers ensure their protocols reduce evidence tampering opportunities to the smallest, most trustworthy set of components possible.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: In distributed systems, trust decisions are made on the basis of integrity evidence generated via remote attestation. Examples of the kinds of evidence that might be collected are boot time image hash values; fingerprints of initialization files for userspace applications; and a comprehensive measurement of a running kernel. In layered attestations, evidence is typically composed of measurements of key subcomponents taken from different trust boundaries within a target system. Discrete measurement evidence is bundled together for appraisal by the components that collectively perform the attestation. In this paper, we initiate the study of evidence chain of custody for remote attestation. Using the Copland attestation specification language, we formally define the conditions under which a runtime adversary active on the target system can tamper with measurement evidence. We present algorithms for identifying all such tampering opportunities for given evidence as well as tampering "strategies" by which an adversary can modify incriminating evidence without being detected. We then define a procedure for transforming a Copland-specified attestation into a maximally tamper-resistant version of itself. Our efforts are intended to help attestation protocol designers ensure their protocols reduce evidence tampering opportunities to the smallest, most trustworthy set of components possible.
Related papers
- Formal Verification of Permission Voucher [1.4732811715354452]
The Permission Voucher Protocol is a system designed for secure and authenticated access control in distributed environments.
The analysis employs the Tamarin Prover, a state-of-the-art tool for symbolic verification, to evaluate key security properties.
Results confirm the protocol's robustness against common attacks such as message tampering, impersonation, and replay.
arXiv Detail & Related papers (2024-12-18T14:11:50Z)
- On the Verification of Control Flow Attestation Evidence [9.30850875158975]
We argue that run-time attestation and auditing are only truly useful if Vrf can effectively analyze received evidence.
As a case study for practical uses of run-time evidence by Vrf, we propose SABRE: a Security Analysis and Binary Repair Engine.
arXiv Detail & Related papers (2024-11-16T18:24:11Z)
- Unleashing Potential of Evidence in Knowledge-Intensive Dialogue Generation [37.29386687125705]
We propose a framework to effectively incorporate Evidence in knowledge-Intensive Dialogue Generation (u-EIDG).
Specifically, we introduce an automatic evidence generation framework that harnesses the power of Large Language Models (LLMs) to mine reliable evidence labels from unlabeled data.
By utilizing these evidence labels, we train a reliable evidence indicator to effectively identify relevant evidence from retrieved passages.
arXiv Detail & Related papers (2023-09-15T13:13:30Z)
- Give Me More Details: Improving Fact-Checking with Latent Retrieval [58.706972228039604]
Evidence plays a crucial role in automated fact-checking.
Existing fact-checking systems either assume the evidence sentences are given or use the search snippets returned by the search engine.
We propose to incorporate full text from source documents as evidence and introduce two enriched datasets.
arXiv Detail & Related papers (2023-05-25T15:01:19Z)
- Complex Claim Verification with Evidence Retrieved in the Wild [73.19998942259073]
We present the first fully automated pipeline to check real-world claims by retrieving raw evidence from the web.
Our pipeline includes five components: claim decomposition, raw document retrieval, fine-grained evidence retrieval, claim-focused summarization, and veracity judgment.
arXiv Detail & Related papers (2023-05-19T17:49:19Z)
- Read it Twice: Towards Faithfully Interpretable Fact Verification by Revisiting Evidence [59.81749318292707]
We propose a fact verification model named ReRead to retrieve evidence and verify claims.
The proposed system is able to achieve significant improvements upon best-reported models under different settings.
arXiv Detail & Related papers (2023-05-02T03:23:14Z)
- GERE: Generative Evidence Retrieval for Fact Verification [57.78768817972026]
We propose GERE, the first system that retrieves evidences in a generative fashion.
The experimental results on the FEVER dataset show that GERE achieves significant improvements over the state-of-the-art baselines.
arXiv Detail & Related papers (2022-04-12T03:49:35Z)
- Graph-based Retrieval for Claim Verification over Cross-Document Evidence [0.6853165736531939]
We conjecture that a graph-based approach can be beneficial to identify fragmented evidence.
We tested this hypothesis by building, over the whole corpus, a large graph that interconnects text portions by means of mentioned entities.
Our experiments show that leveraging on a graph structure is beneficial in identifying a reasonably small portion of passages related to a claim.
arXiv Detail & Related papers (2021-09-13T14:54:26Z)
- Sample-efficient device-independent quantum state verification and certification [68.8204255655161]
Authentication of quantum sources is a crucial task in building reliable and efficient protocols for quantum-information processing.
We develop a systematic approach to device-independent verification of quantum states free of IID assumptions in the finite copy regime.
We show that device-independent verification can be performed with optimal sample efficiency.
arXiv Detail & Related papers (2021-05-12T17:48:04Z)
- Weakly- and Semi-supervised Evidence Extraction [107.47661281843232]
We propose new methods to combine few evidence annotations with abundant document-level labels for the task of evidence extraction.
Our approach yields substantial gains with as few as a hundred evidence annotations.
arXiv Detail & Related papers (2020-11-03T04:05:00Z)
- Hierarchical Evidence Set Modeling for Automated Fact Extraction and Verification [5.836068916903788]
Hierarchical Evidence Set Modeling (HESM) is a framework to extract evidence sets and verify a claim to be supported, refuted or not enough info.
Our experimental results show that HESM outperforms 7 state-of-the-art methods for fact extraction and claim verification.
arXiv Detail & Related papers (2020-10-10T22:27:17Z)
This list is automatically generated from the titles and abstracts of the papers in this site.