Anbang Ruan,Qingni Shen,Li Wang,Chao Qin,Liang Gu,Zhong Chen

2009-01-01

China Communications

Abstract:The Binary-based attestation (BA) mechanism presented by the Trusted Computing Group can equip the application with the capability of genuinely identifying configurations of remote system. However, BA only supports the attestation for specific patterns of binary codes defined by a trusted party, mostly the software vendor, for a particular version of a software. In this paper, we present a Source-Code Oriented Attestation (SCOA) framework to enable custom built application to be attested to in the TCG attestation architecture. In SCOA, security attributes are bond with the source codes of an application instead of its binaries codes. With a proof chain generated by a Trusted Building System to record the building procedure, the challengers can determine whether the binary interacted with is genuinely built from a particular set of source codes. Moreover, with the security attribute certificates assigned to the source codes, they can deter-mine the trustworthiness of the binary. In this paper, we present a TBS implementation with virtualization.

Cui Yan-Li,Xing Zhang

DOI: https://doi.org/10.1109/PACIIA.2009.5406422

2009-01-01

Abstract:For trusted computing technology, as the basis of remote attestation, system integrity measurement whose theory model and application research is all along a discussed focus. Integrity measurement of binary system of trusted computing technology used the transmission model of trust chain, but the development of this model is late to the development of remote attestation. This paper mainly concerns systems integrity measurement of property remote attestation, adds certificate authority and trusted property authority based on the original binary integrity measurement, realizes the conversion from binary fingerprints convert to property remote attestation. Combining the new features of property remote attestation, this paper uses the predicate logic to prove the credibility of systems integrity measurement of property remote attestation. ©2009 IEEE.

Hua Wang,Yao Guo,Xiangqun Chen

DOI: https://doi.org/10.1007/978-3-642-02704-8_10

2009-01-01

Abstract:Remote attestation is one of the key functionalities provided by trusted platforms. Most current attestation approaches are based on cryptographic hash functions, which are appropriate to attest to relatively stable objects such as executables. However, they can not effectively deal with software configurations that could have many (or even infinite) trusted variants and could also be modified at run-time. This paper proposes SAConf, a novel semantic attestation approach to attesting to software configurations. SAConf uses a list of constraints to represent the challenger's trust policies, and verifies configurations based on semantic checks against the constraints, according to the semantic meanings of configurations rather than their hashes. An on-request measurement strategy is also added as a complement to the on-load strategy in order to capture potential modifications to configurations during execution. We implemented a prototype of SAConf and evaluations show that it could reduce the storage overhead from exponential to linear compared to hash-based approaches.

Cui Yan-Li,Zhang Xing

DOI: https://doi.org/10.1109/fitme.2009.68

2009-01-01

Abstract:During the realizing process of remote attestation, except for using trusted computing technology to protect physical security, storage security and operation security of certifier, cipher mechanism need to be combined to ensure the credibility of attestation method of certifier. This paper designs an attestation method model of property remote attestation, and applies the authentication and access control logic technology to make formal description for the participants of attestation method of property remote attestation, and finally prove the credibility of attestation method. Paper's research conclusion proves, after increasing the authority of certificate and trusted property certificate, the credibility of property remote attestation method can be guaranteed among the computing environment applying the public key infrastructure participates.

Liang Gu,Guangdong Bai,Yao Guo,Xiangqun Chen,Hong Mei

DOI: https://doi.org/10.1016/j.jnca.2011.03.014

IF: 7.574

2012-01-01

Journal of Network and Computer Applications

Abstract:As more and more component-based systems (CBS) run in the open and dynamic Internet, it is very important to establish trust between clients and CBS. One of the key mechanisms to establish trust among different platforms in an open and dynamic environment is remote attestation, which allows a platform to vouch for its trust-related characteristics to a remote challenger. This paper proposes a novel attestation scheme for a dynamically reconfigurable CBS to reliably prove whether its execution satisfies the specified security model, by introducing a TPM-based attestation service to dynamically monitor the execution of the CBS. As a case study, we have applied the proposed scheme on OSGi systems and implemented a prototype based on JVMTI for Felix. The evaluation results show that the proposed scheme is both effective and practical.

Liang Gu,Xuhua Ding,Robert Huijie Deng,Bing Xie,Hong Mei

DOI: https://doi.org/10.1145/1456455.1456458

2008-01-01

Abstract:Remote attestation provides the basis for one platform to establish trusts on another. In this paper, we consider the problem of attesting the correctness of program executions. We propose to measure the target program and all the objects it depends on, with an assumption that the Secure Kernel and the Trusted Platform Module provide a secure execution environment through process separation. The attestation of the target program begins with a program analysis on the source code or the binary code in order to find out the relevant executables and data objects. Whenever such a data object is accessed or a relevant executable is invoked due to the execution of the target program, its state is measured for attestation. Our scheme not only testifies to a program's execution, but also supports fine-granularity attestations and information flow checking.

Tong Li,Yang Lin,Xueyuan Kong,Yue Yu,Fajiang Yu

2011-01-01

Abstract:Current technology in trusted computing cannot comply with the requirement of trusted behaviour. One method for trusted computing dynamic attestation is proposed in this paper. This method uses a behaviour model based on the static analysis of binary code. One same source code may have several different binary versions, therefore one method is proposed for building almost the same core function model for different binary versions. This research also overcame the difficulty where some dynamic behaviours could not be obtained by static analysis. The paper also provides solutions for dynamic attestation of some complex programs, such as recursion, library link and multi threads programs.

Liang Gu,Yueqiang Cheng,Xuhua Ding,Robert H. Deng,Yao Guo,Weizhong Shao

DOI: https://doi.org/10.1007/978-3-642-14597-1_4

2010-01-01

Abstract:A program is a compound of various subroutines playing different roles. In this paper, we study how to attest the execution of those mission-critical subroutines whose execution is the basis to establish trust. Our results include a new attestation scheme called function attestation. Given a function F of a program $\mathcal{P}$, the proposed scheme allows for an efficient and secure attestation by using the debug facility of processors and building a trust chain rooted at TPM. Our scheme is lightweight and easy to deploy. It can also be easily extended to support multiple-threaded programs and data flow attestation with slightly more overhead.

Yuan Dong,Kai Ren,Shengyuan Wang,Suqin Zhang

DOI: https://doi.org/10.1007/978-3-642-10672-9_20

2009-01-01

Abstract:Bytecodes and virtual machines (VM) are prevailing programming facilities in contemporary software industry due to their ease of portability across various platforms. Thus, it is critical to improve their trustworthiness. This paper addresses the interesting and challenging problem of certifying bytecode programs over certified VMs. Our solutions to this problem include: 1) A logical systems (CBP) for a bytecode machine is built to modularly certify bytecode programs with abstract control stacks and unstructured control flows, 2) and the corresponding stack-based virtual machine is implemented and certified, 3) a simulation relation between bytecode program and VM implementation is developed and proved to achieve the objective that once some safety property of a bytecode program is certified in CBP system, the property will be preserved on any certified VM. We prove the soundness and demonstrate its power by certifying some example programs with the Coq proof assistant. This work not only provides a solid theoretical foundation for reasoning about bytecode programs, but also gains insight into building proof-preserving compilers.

Sai-Jun He,Ming Zhang

DOI: https://doi.org/10.1109/ICMA.2007.4304116

2007-01-01

Abstract:The close interactions between hardware and software of trustworthy systems demand co-simulation. Due to their diverse applications and often strict physical constraints, trustworthy systems are increasingly component-based and include only the necessary components for their missions. For this reason, we present a novel component-based approach to hardware-software co-simulation systems using OR1200. In our approach, a component model for trustworthy systems which unifies the concepts of hardware components and software components is defined. In our proposed system, it uses an Instruction Set Simulator (ISS) instead of OR1200 CPU when simulating the SoC system, and makes use of socket, shared memory and Programming Language Interface (PLI) function to communicate and transfer data between processes. The proposed system is illustrated by an application in H.264 decoding system that is practical and effective. © 2007 IEEE.

g u liang,yueqiang cheng,xuhua ding,robert h deng,yao guo,weizhong shao

DOI: https://doi.org/10.1007/978-3-642-14597-1_4

2010-01-01

Abstract:A program is a compound of various subroutines playing different roles. In this paper, we study how to attest the execution of those mission-critical subroutines whose execution is the basis to establish trust. Our results include a new attestation scheme called function attestation. Given a function F of a program P , the proposed scheme allows for an efficient and secure attestation by using the debug facility of processors and building a trust chain rooted at TPM. Our scheme is lightweight and easy to deploy. It can also be easily extended to support multiple-threaded programs and data flow attestation with slightly more overhead.

Han Liu,Pedro Antonino,Zhiqiang Yang,Chao Liu,A.W. Roscoe

DOI: https://doi.org/10.48550/arXiv.2112.00346

2021-12-01

Abstract:We develop the concept of Trusted and Confidential Program Analysis (TCPA) which enables program certification to be used where previously there was insufficient trust. Imagine a scenario where a producer may not be trusted to certify its own software (perhaps by a foreign regulator), and the producer is unwilling to release its sources and detailed design to any external body. We present a protocol that can, using trusted computing based on encrypted sources, create certification via which all can trust the delivered object code without revealing the unencrypted sources to any party. Furthermore, we describe a realization of TCPA with trusted execution environments (TEE) that enables general and efficient computation. We have implemented the TCPA protocol in a system called TCWasm for web assembly architectures. In our evaluation with 33 benchmark cases, TCWasm managed to finish the analysis with relatively slight overheads.

Cryptography and Security,Software Engineering

Su Zhang,Ying Zhang,Xiang Jing,Xingchun Diao,Gang Huang

DOI: https://doi.org/10.1007/978-981-19-8043-5_5

2022-01-01

Abstract:In recent years, more and more applications are built on blockchains for boosting security, while keeping interaction with the off-chain world. These applications usually leverage blockchain oracles to access off-chain data. However, they are still threatened by the weakness of data authenticity as the external data source system may be attacked and provide forged and malicious data. In this paper, we propose DataAttest, a framework based on remote attestation to guarantee the authenticity of off-chain data. DataAttest first instruments the data source system for collecting runtime traces. Then, it measures the static code and runtime traces in TEE to construct a Data Authenticity Proof (DAP). Finally, blockchain oracles verify the DAP to guarantee that the integrity of the specific data source system is undamaged and the provided data is actually obtained from that system. In addition, DataAttest also adopts two optimization strategies to accelerate DAP verification and minimize the overhead brought by DAP construction. We implement DataAttest and evaluate it on a real-world system. The experimental results show that DataAttest can effectively check data authenticity and the overhead is relatively low.

Linan Tian,Yunke Shen,Zhiqiang Li

2024-07-04

Abstract:Trusted Execution Environments (TEEs), such as Intel Software Guard Extensions (SGX), ensure the confidentiality and integrity of user applications when using cloud computing resources. However, in the multi-party cloud computing scenario, how to select a Relying Party to verify the TEE of each party and avoid leaking sensitive data to each other remains an open question. In this paper, we propose SRAS, an open self-governed remote attestation scheme with attestation and verification functions for verifying the trustworthiness of TEEs and computing assets, achieving decentralized unified trusted attestation and verification platform for multi-party cloud users. In SRAS, we design a Relying Party enclave, which can form a virtual verifiable network, capable of local verification on behalf of other participants relying parties without leaking sensitive data to others. We provide an open-source prototype implementation of SRAS to facilitate the adoption of this technology by cloud users or developers.

Cryptography and Security

xuhua ding,liang gu,robert h deng,bing xie,hong mei

DOI: https://doi.org/10.4018/978-1-61520-682-7.ch001

2010-01-01

Abstract:One of the key mechanisms for trust establishment among different platforms is remote attestation, which allows a platform to vouch for its trust related characteristics to a remote challenger. In this chapter, the authors propose a new conceptual model for remote attestation consisting of four basic ingredients: root of trust, attestation objective, object measurement, and attestation process. With this model, they present a systematic study on the remote attestation, including the methodologies applied for implementing the four elements and the principles for designing an attestation scheme. The authors also examine existing remote attestation schemes in the literature by grouping them into two main types: integrity attestation and quality attestation. They discuss both the strength and the limitations of each type of scheme and explain how they can be applied in trust management in distributed environment.

Dexi Wang,Chao Zhang,Guang Chen,Ming Gu,Jiaguang Sun

2016-01-01

Abstract:The C programming language is widely used in safety-critical software systems. With its large appliance and increasing complexity, the need of ensuring the correctness of C codes emerged. This paper presents Ceagle , a fully automated program verifier for finding assertion violations in C programs. It is decent in both accuracy and efficiency by using a semantically equivalent program model language that is specifically designed for C program, together with various optimizations that make the satisfiability checking faster and memoryfriendly. More specifically, Ceagle uses LLVM clang as front-end parser, an extended labeled transition system as program model, and Z3 SMT solver as the back-end satisfiability checker. Ceagle is designed to be fully automatic and requires no user interaction as long as the assertions are provided. For evaluation, we compare Ceagle with existing C program verifiers based on open benchmarks. Ceagle outperforms others in terms of accuracy, and time and memory consumption.

Bhaskar Joshi,Sepideh HajiHossein Khani,Arash HabibiLashkari

2024-06-28

Abstract:Source Code Authorship Attribution (SCAA) is crucial for software classification because it provides insights into the origin and behavior of software. By accurately identifying the author or group behind a piece of code, experts can better understand the motivations and techniques of developers. In the cybersecurity era, this attribution helps trace the source of malicious software, identify patterns in the code that may indicate specific threat actors or groups, and ultimately enhance threat intelligence and mitigation strategies. This paper presents AuthAttLyzer-V2, a new source code feature extractor for SCAA, focusing on lexical, semantic, syntactic, and N-gram features. Our research explores author identification in C++ by examining 24,000 source code samples from 3,000 authors. Our methodology integrates Random Forest, Gradient Boosting, and XGBoost models, enhanced with SHAP for interpretability. The study demonstrates how ensemble models can effectively discern individual coding styles, offering insights into the unique attributes of code authorship. This approach is pivotal in understanding and interpreting complex patterns in authorship attribution, especially for malware classification.

Software Engineering,Artificial Intelligence

Carlton Shepherd,Raja N. Akram,Konstantinos Markantonakis

DOI: https://doi.org/10.48550/arXiv.1804.10707

2018-11-26

Abstract:Trusted Execution Environments (TEEs) are rapidly emerging as a root-of-trust for protecting sensitive applications and data using hardware-backed isolated worlds of execution. TEEs provide robust assurances regarding critical algorithm execution, tamper-resistant credential storage, and platform integrity using remote attestation. However, the challenge of remotely managing credentials between TEEs remains largely unaddressed in existing literature. In this work, we present novel protocols using mutual attestation for supporting four aspects of secure remote credential management with TEEs: backups, updates, migration, and revocation. The proposed protocols are agnostic to the underlying TEE implementation and subjected to formal verification using Scyther, which found no attacks.

Cryptography and Security

Daniele Serafini,Stefano Zacchiroli

DOI: https://doi.org/10.48550/arXiv.2207.11057

2022-07-22

Software Engineering

Abstract:Free/Open Source Software (FOSS) enables large-scale reuse of preexisting software components. The main drawback is increased complexity in software supply chain management. A common approach to tame such complexity is automated open source compliance, which consists in automating the verication of adherence to various open source management best practices about license obligation fulllment, vulnerability tracking, software composition analysis, and nearby concerns.We consider the problem of auditing a source code base to determine which of its parts have been published before, which is an important building block of automated open source compliance toolchains. Indeed, if source code allegedly developed in house is recognized as having been previously published elsewhere, alerts should be raised to investigate where it comes from and whether this entails that additional obligations shall be fullled before product shipment.We propose an ecient approach for prior publication identication that relies on a knowledge base of known source code artifacts linked together in a global Merkle direct acyclic graph and a dedicated discovery protocol. We introduce swh-scanner, a source code scanner that realizes the proposed approach in practice using as knowledge base Software Heritage, the largest public archive of source code artifacts. We validate experimentally the proposed approach, showing its eciency in both abstract (number of queries) and concrete terms (wall-clock time), performing benchmarks on 16 845 real-world public code bases of various sizes, from small to very large.

Hongbo Chen,Quan Zhou,Sen Yang,Xing Han,Fan Zhang,Danfeng Zhang,Xiaofeng Wang

2024-07-21

Abstract:Binary verification plays a pivotal role in software security, yet building a verification service that is both open and trustworthy poses a formidable challenge. In this paper, we introduce a novel binary verification service, AGORA, scrupulously designed to overcome the challenge. At the heart of this approach lies a strategic insight: certain tasks can be delegated to untrusted entities, while the corresponding validators are securely housed within the trusted computing base (TCB). AGORA can validate untrusted assertions generated for versatile policies. Through a novel blockchain-based bounty task manager, it also utilizes crowdsourcing to remove trust in theorem provers. These synergistic techniques successfully ameliorate the TCB size burden associated with two procedures: binary analysis and theorem proving. The design of AGORA allows untrusted parties to participate in these complex processes. Moreover, based on running the optimized TCB within trusted execution environments and recording the verification process on a blockchain, the public can audit the correctness of verification results. By implementing verification workflows for software-based fault isolation policy and side-channel mitigation, our evaluation demonstrates the efficacy of AGORA.

Cryptography and Security