{"title":"RTTV:基于TPM的动态CFI测量工具","authors":"Penglin Yang, Limin Tao, Haitao Wang","doi":"10.1049/iet-ifs.2017.0459","DOIUrl":null,"url":null,"abstract":"In programme dynamic analysis, control flow integrity (CFI) is an efficient way to investigate programme's behaviour. By detecting these CF instructions, researchers can obtain programme's runtime information and execution status accurately. This feature makes CFI a sharp and sensitive approach to detect programme abnormal conditions and malicious attacks such as stack overflow and return-oriented programming. Meanwhile, with the development of dynamic trusted computing technique, a Trusted Platform Module (TPM) chip can provide cryptographic service both in a system's booting period and runtime period. In this study, the authors combine CFI and dynamic trusted computing to present runtime trusted verifier (RTTV) as a dynamic CFI measurement tool based on TPM. Compared to traditional measurement methods, their work is more accurate and reliable, can totally enforce programme run as predefined CF. RTTV uses TPM as `root of trust', which also provides computing resource such as hash algorithm to reduce performance overhead. With the characteristic of sensitivity, simplicity and efficiency, RTTV can especially meet the security requirement of remote embedded systems such as satellites and other valuable equipments.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2018-04-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"RTTV: a dynamic CFI measurement tool based on TPM\",\"authors\":\"Penglin Yang, Limin Tao, Haitao Wang\",\"doi\":\"10.1049/iet-ifs.2017.0459\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In programme dynamic analysis, control flow integrity (CFI) is an efficient way to investigate programme's behaviour. By detecting these CF instructions, researchers can obtain programme's runtime information and execution status accurately. This feature makes CFI a sharp and sensitive approach to detect programme abnormal conditions and malicious attacks such as stack overflow and return-oriented programming. Meanwhile, with the development of dynamic trusted computing technique, a Trusted Platform Module (TPM) chip can provide cryptographic service both in a system's booting period and runtime period. In this study, the authors combine CFI and dynamic trusted computing to present runtime trusted verifier (RTTV) as a dynamic CFI measurement tool based on TPM. Compared to traditional measurement methods, their work is more accurate and reliable, can totally enforce programme run as predefined CF. RTTV uses TPM as `root of trust', which also provides computing resource such as hash algorithm to reduce performance overhead. With the characteristic of sensitivity, simplicity and efficiency, RTTV can especially meet the security requirement of remote embedded systems such as satellites and other valuable equipments.\",\"PeriodicalId\":13305,\"journal\":{\"name\":\"IET Inf. Secur.\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-04-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Inf. Secur.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1049/iet-ifs.2017.0459\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Inf. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1049/iet-ifs.2017.0459","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
In programme dynamic analysis, control flow integrity (CFI) is an efficient way to investigate programme's behaviour. By detecting these CF instructions, researchers can obtain programme's runtime information and execution status accurately. This feature makes CFI a sharp and sensitive approach to detect programme abnormal conditions and malicious attacks such as stack overflow and return-oriented programming. Meanwhile, with the development of dynamic trusted computing technique, a Trusted Platform Module (TPM) chip can provide cryptographic service both in a system's booting period and runtime period. In this study, the authors combine CFI and dynamic trusted computing to present runtime trusted verifier (RTTV) as a dynamic CFI measurement tool based on TPM. Compared to traditional measurement methods, their work is more accurate and reliable, can totally enforce programme run as predefined CF. RTTV uses TPM as `root of trust', which also provides computing resource such as hash algorithm to reduce performance overhead. With the characteristic of sensitivity, simplicity and efficiency, RTTV can especially meet the security requirement of remote embedded systems such as satellites and other valuable equipments.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
