PCI system architecture (4th ed.)
PCI system architecture (4th ed.)
Reflection as a mechanism for software integrity verification
ACM Transactions on Information and System Security (TISSEC)
Soft Tamper-Proofing via Program Integrity Verification in Wireless Sensor Networks
IEEE Transactions on Mobile Computing
Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems
Proceedings of the twentieth ACM symposium on Operating systems principles
SCUBA: Secure Code Update By Attestation in sensor networks
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
Establishing the genuinity of remote computer systems
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Side effects are not sufficient to authenticate software
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Flicker: an execution infrastructure for tcb minimization
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
On the difficulty of software-based attestation of embedded devices
Proceedings of the 16th ACM conference on Computer and communications security
A software primitive for externally-verifiable untampered execution and its applications to securing computing systems
HyperSentry: enabling stealthy in-context measurement of hypervisor integrity
Proceedings of the 17th ACM conference on Computer and communications security
SBAP: software-based attestation for peripherals
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
HyperCheck: a hardware-assisted integrity monitor
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Retroactive detection of malware with applications to mobile platforms
HotSec'10 Proceedings of the 5th USENIX conference on Hot topics in security
Cycles, cells and platters: an empirical analysisof hardware failures on a million consumer PCs
Proceedings of the sixth conference on Computer systems
Remote software-based attestation for wireless sensors
ESAS'05 Proceedings of the Second European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Alien vs. Quine, the vanishing circuit and other tales from the industry's crypt
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
SABOT: specification-based payload generation for programmable logic controllers
Proceedings of the 2012 ACM conference on Computer and communications security
Enabling trusted scheduling in embedded systems
Proceedings of the 28th Annual Computer Security Applications Conference
DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
DriverGuard: Virtualization-Based Fine-Grained Protection on I/O Flows
ACM Transactions on Information and System Security (TISSEC)
A security framework for the analysis and design of software attestation
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
BIOS chronomancy: fixing the core root of trust for measurement
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Implementation and implications of a stealth hard-drive backdoor
Proceedings of the 29th Annual Computer Security Applications Conference
| Hi-index | 0.00 |
Recent research demonstrates that malware can infect peripherals' firmware in a typical x86 computer system, e.g., by exploiting vulnerabilities in the firmware itself or in the firmware update tools. Verifying the integrity of peripherals' firmware is thus an important challenge. We propose software-only attestation protocols to verify the integrity of peripherals' firmware, and show that they can detect all known software-based attacks. We implement our scheme using a Netgear GA620 network adapter in an x86 PC, and evaluate our system with known attacks.