Nanovised Control Flow Attestation

Ben Yehuda, Raz; Kiperberg, Michael; Zaidenberg, Nezer Jacob

Publisher's PDF

Nanovised Control Flow Attestation

Abstract

This paper presents an improvement of control flow attestation (C-FLAT) for Linux. C-FLAT is a control attestation system for embedded devices. It was implemented as a software executing in ARM’s TrustZone on bare-metal devices. We extend the design and implementation of C-FLAT through the use of a type 2 Nanovisor in the Linux operating system. We call our improved system “C-FLAT Linux”. Compared to the original C-FLAT, C-FLAT Linux reduces processing overheads and is able to detect the SlowLoris attack. We describe the architecture of C-FLAT Linux and provide extensive measurements of its performance in benchmarks and real-world scenarios. In addition, we demonstrate the detection of the SlowLoris attack on the Apache web server.

Main Authors

Ben Yehuda, Raz Kiperberg, Michael Zaidenberg, Nezer Jacob

Format

Articles Research article

Published

2022

Series

Applied Sciences

Subjects

hypervisor

ARM

Linux

control flow

SlowLoris

TrustZone

virtualisointi

pääsynvalvonta

tietoturva

Publication in research information system

https://converis.jyu.fi/converis/portal/detail/Publication/104531706

Publisher

MDPI AG

The permanent address of the publication

https://urn.fi/URN:NBN:fi:jyu-202203161880Use this for linking

Review status

Peer reviewed

ISSN

2076-3417

DOI

https://doi.org/10.3390/app12052669

Language

English

Published in

Applied Sciences

Citation

Ben Yehuda, R., Kiperberg, M., & Zaidenberg, N. J. (2022). Nanovised Control Flow Attestation. Applied Sciences, 12(5), Article 2669. https://doi.org/10.3390/app12052669

License

Additional information about funding

This research received no external funding.

Nanovised Control Flow Attestation

Share

Similar Items