Litcius/Paper detail

ReCFA: Resilient Control-Flow Attestation

Yumei Zhang, Xinzhi Liu, Cong Sun, Dongrui Zeng, Gang Tan, Kan Xiao, Siqi Ma

2021Annual Computer Security Applications Conference19 citationsDOI

Abstract

Recent IoT applications gradually adapt more complicated end systems with commodity software. Ensuring the runtime integrity of these software is a challenging task for the remote controller or cloud services. Popular enforcement is the runtime remote attestation which requires the end system (prover) to generate evidence for its runtime behavior and a remote trusted verifier to attest the evidence. Control-flow attestation is a kind of runtime attestation that provides diagnoses towards the remote control-flow hijacking at the prover. Most of these attestation approaches focus on small or embedded software. The recent advance to attesting complicated software depends on the source code and CFG traversing to measure the checkpoint-separated subpaths, which may be unavailable for commodity software and cause possible context missing between consecutive subpaths in the measurements.

Topics & Concepts

Computer scienceControl flowSoftwareTrusted ComputingContext (archaeology)Embedded systemOperating systemComputer securityRuntime verificationCloud computingDistributed computingFormal verificationProgramming languageBiologyPaleontologySecurity and Verification in ComputingAdvanced Malware Detection TechniquesRadiation Effects in Electronics
ReCFA: Resilient Control-Flow Attestation | Litcius