Nanovised Control Flow Attestation

Abstract
This paper presents an improvement of control flow attestation (C-FLAT) for Linux. C-FLAT is a control attestation system for embedded devices. It was implemented as a software executing in ARM’s TrustZone on bare-metal devices. We extend the design and implementation of C-FLAT through the use of a type 2 Nanovisor in the Linux operating system. We call our improved system “C-FLAT Linux”. Compared to the original C-FLAT, C-FLAT Linux reduces processing overheads and is able to detect the SlowLoris attack. We describe the architecture of C-FLAT Linux and provide extensive measurements of its performance in benchmarks and real-world scenarios. In addition, we demonstrate the detection of the SlowLoris attack on the Apache web server.
Main Authors
Format
Articles Research article
Published
2022
Series
Subjects
Publication in research information system
Publisher
MDPI AG
The permanent address of the publication
https://urn.fi/URN:NBN:fi:jyu-202203161880Use this for linking
Review status
Peer reviewed
ISSN
2076-3417
DOI
https://doi.org/10.3390/app12052669
Language
English
Published in
Applied Sciences
Citation
License
CC BY 4.0Open Access
Additional information about funding
This research received no external funding.
Copyright© 2022 the Authors

Share