TRACES: TEE-based Runtime Auditing for Commodity Embedded Systems
- URL: http://arxiv.org/abs/2409.19125v1
- Date: Fri, 27 Sep 2024 20:10:43 GMT
- Title: TRACES: TEE-based Runtime Auditing for Commodity Embedded Systems
- Authors: Adam Caulfield, Antonio Joia Neto, Norrathep Rattanavipanon, Ivan De Oliveira Nunes
- Abstract summary: Control Flow Attestation (CFA) offers a means to detect control flow hijacking attacks on remote devices.
CFA generates a trace (CFLog) containing the destination of all branching instructions executed.
TRACES guarantees reliable delivery of periodic runtime reports even when Prv is compromised.
- Score: 9.32090482996659
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Control Flow Attestation (CFA) offers a means to detect control flow hijacking attacks on remote devices, enabling verification of their runtime trustworthiness. CFA generates a trace (CFLog) containing the destination of all branching instructions executed. This allows a remote Verifier (Vrf) to inspect the execution control flow on a potentially compromised Prover (Prv) before trusting that a value/action was correctly produced/performed by Prv. However, while CFA can be used to detect runtime compromises, it cannot guarantee the eventual delivery of the execution evidence (CFLog) to Vrf. In turn, a compromised Prv may refuse to send CFLog to Vrf, preventing its analysis to determine the exploit's root cause and appropriate remediation actions. In this work, we propose TRACES: TEE-based Runtime Auditing for Commodity Embedded Systems. TRACES guarantees reliable delivery of periodic runtime reports even when Prv is compromised. This enables secure runtime auditing in addition to best-effort delivery of evidence in CFA. TRACES also supports a guaranteed remediation phase, triggered upon compromise detection to ensure that identified runtime vulnerabilities can be reliably patched. To the best of our knowledge, TRACES is the first system to provide this functionality on commodity devices (i.e., without requiring custom hardware modifications). To that end, TRACES leverages support from the ARM TrustZone-M Trusted Execution Environment (TEE). To assess practicality, we implement and evaluate a fully functional (open-source) prototype of TRACES atop the commodity ARM Cortex-M33 micro-controller unit.
Related papers
- SpecCFA: Enhancing Control Flow Attestation/Auditing via Application-Aware Sub-Path Speculation [6.210224116507288] (2024-09-27T02:39:55Z)
  We propose SpecCFA: an approach for dynamic sub-path speculation in CFA.
  SpecCFA significantly lowers storage/performance costs that are critical to resource-constrained MCUs.
- AGORA: Open More and Trust Less in Binary Verification Service [16.429846973928512] (2024-07-21T05:29:22Z)
  We introduce a novel binary verification service, AGORA, scrupulously designed to overcome the challenge.
  Certain tasks can be delegated to untrusted entities, while the corresponding validators are securely housed within the trusted computing base.
  Through a novel blockchain-based bounty task manager, it also utilizes crowdsourcing to remove trust in theorem provers.
- Cryptographically Assured Information Flow: Assured Remote Execution [0.0] (2024-02-04T22:47:03Z)
  Assured Remote Execution on a device is the ability of suitably authorized parties to construct secure channels with known processes.
  We show that a simple hardware-level mechanism called Cryptographically Assured Information Flow (CAIF) enables Assured Remote Execution.
- A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882] (2024-01-19T14:52:04Z)
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
  This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
  We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
- TitanCFI: Toward Enforcing Control-Flow Integrity in the Root-of-Trust [4.444373990868152] (2024-01-04T22:58:33Z)
  TitanCFI modifies the commit stage of a protected core to stream control flow instructions to the RoT.
  It avoids the design of custom IPs and the modification of the compilation toolchain.
  It exploits the RoT tamper-proof storage and cryptographic accelerators to secure metadata.
- Runtime Verification for Trustworthy Computing [0.0] (2023-10-03T18:23:16Z)
  We show how runtime verification can enhance the level of trust in the Rich Execution Environment (REE).
  We propose practical solutions to two threat models for the RV-TEE monitoring process.
- SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258] (2023-09-26T08:11:38Z)
  We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes.
  SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices.
  We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
- Recursively Feasible Probabilistic Safe Online Learning with Control Barrier Functions [60.26921219698514] (2022-08-23T05:02:09Z)
  We introduce a model-uncertainty-aware reformulation of CBF-based safety-critical controllers.
  We then present the pointwise feasibility conditions of the resulting safety controller.
  We use these conditions to devise an event-triggered online data collection strategy.
- Learning Robust Output Control Barrier Functions from Safe Expert Demonstrations [50.37808220291108] (2021-11-18T23:21:00Z)
  This paper addresses learning safe output feedback control laws from partial observations of expert demonstrations.
  We first propose robust output control barrier functions (ROCBFs) as a means to guarantee safety.
  We then formulate an optimization problem to learn ROCBFs from expert demonstrations that exhibit safe system behavior.
- Safe RAN control: A Symbolic Reinforcement Learning Approach [62.997667081978825] (2021-06-03T16:45:40Z)
  We present a Symbolic Reinforcement Learning (SRL) based architecture for safety control of Radio Access Network (RAN) applications.
  We provide a purely automated procedure in which a user can specify high-level logical safety specifications for a given cellular network topology.
  We introduce a user interface (UI) developed to help a user set intent specifications to the system, and inspect the difference in agent proposed actions.
- Certifiably Robust Variational Autoencoders [74.28099923969754] (2021-02-15T13:56:54Z)
  We introduce an approach for training Variational Autoencoders (VAEs) that are certifiably robust to adversarial attack.
  We derive actionable bounds on the minimal size of an input perturbation required to change a VAE's reconstruction.
  We show how these parameters can be controlled, thereby providing a mechanism to ensure a VAE will attain a desired level of robustness.
This list is automatically generated from the titles and abstracts of the papers in this site.