A New Class of Invertible Mappings
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
SCUBA: Secure Code Update By Attestation in sensor networks
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
Pseudorandom recursions: small and fast pseudorandom number generators for embedded applications
EURASIP Journal on Embedded Systems
Distributed Software-based Attestation for Node Compromise Detection in Sensor Networks
SRDS '07 Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems
The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86)
Proceedings of the 14th ACM conference on Computer and communications security
SAKE: Software Attestation for Key Establishment in Sensor Networks
DCOSS '08 Proceedings of the 4th IEEE international conference on Distributed Computing in Sensor Systems
When good instructions go bad: generalizing return-oriented programming to RISC
Proceedings of the 15th ACM conference on Computer and communications security
On the difficulty of software-based attestation of embedded devices
Proceedings of the 16th ACM conference on Computer and communications security
Return-oriented rootkits: bypassing kernel code integrity protection mechanisms
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Short paper: lightweight remote attestation using physical functions
Proceedings of the fourth ACM conference on Wireless network security
VIPER: verifying the integrity of PERipherals' firmware
Proceedings of the 18th ACM conference on Computer and communications security
Poster: practical embedded remote attestation using physically unclonable functions
Proceedings of the 18th ACM conference on Computer and communications security
What if you can't trust your network card?
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
BIOS chronomancy: fixing the core root of trust for measurement
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
Recent research demonstrates that adversaries can inject malicious code into a peripheral's firmware during a firmware update, which can result in password leakage or even compromise of the whole host operating system. Therefore, it is desirable for a host system to be able to verify the firmware integrity of attached peripherals. Several software-based attestation techniques on embedded devices have been proposed as potentially enabling firmware verification. In this work, we propose a Software-Based Attestation technique for Peripherals that verifies the firmware integrity of a peripheral and detects malicious changes with a high probability, even in the face of recently proposed attacks. We implement and evaluate SBAP in an Apple Aluminum Keyboard and study the extent to which our scheme enhances the security properties of peripherals.