TY - GEN
T1 - Determining the integrity of application binaries on unsecure legacy machines using software based remote attestation
AU - Srinivasan, Raghunathan
AU - Dasgupta, Partha
AU - Gohad, Tushar
AU - Bhattacharya, Amiya
N1 - Funding Information:
Acknowledgements. This material is based upon work supported in part by the National Science Foundation under Grant No. CNS-1011931. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF.
Funding Information:
This material is based upon work supported in part by the National Science Foundation under Grant No. CNS-1011931. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF.
PY - 2010
Y1 - 2010
N2 - Integrity of computing platforms is paramount. A platform is as secure as the applications executing on it. All applications are created with some inherent vulnerability or loophole. Attackers can analyze the presence of flaws in a particular binary and exploit them. Traditional virus scanners are also binaries which can be attacked by malware. This paper implements a method known as Remote Attestation entirely in software to attest the integrity of a process using a trusted external server. The trusted external server issues a challenge to the client machine which responds to the challenge. The response determines the integrity of the application.
AB - Integrity of computing platforms is paramount. A platform is as secure as the applications executing on it. All applications are created with some inherent vulnerability or loophole. Attackers can analyze the presence of flaws in a particular binary and exploit them. Traditional virus scanners are also binaries which can be attacked by malware. This paper implements a method known as Remote Attestation entirely in software to attest the integrity of a process using a trusted external server. The trusted external server issues a challenge to the client machine which responds to the challenge. The response determines the integrity of the application.
KW - code injection
KW - integrity measurement
KW - remote attestation
UR - http://www.scopus.com/inward/record.url?scp=78650856954&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=78650856954&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-17714-9_6
DO - 10.1007/978-3-642-17714-9_6
M3 - Conference contribution
AN - SCOPUS:78650856954
SN - 3642177131
SN - 9783642177132
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 66
EP - 80
BT - Information Systems Security - 6th International Conference, ICISS 2010, Proceedings
T2 - 6th International Conference on Information Systems Security, ICISS 2010
Y2 - 17 December 2010 through 19 December 2010
ER -