Summmary
We propose a primitive, called Pioneer, as a first step towards verifiable code execution on untrusted legacy hosts. Pioneer does not require any hardware support such as secure co-processors or CPU-architecture extensions. We implement Pioneer on an Intel Pentiurn IV Xeon processor. Pioneer can be used as a basic building block to build security systems. We demonstrate this by building a kernel rootkit detector.
This research was supported in part by CyLab at the Camegie Mellon University under grant DAAD19-02-1-0389 from the Army Research Office, by NSF under grant CNS- 0509004, and by a gift from IBM, Intel and Microsoft. The views and conclusions contained here are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either express or implied, of ARO, Carnegie Mellon University, IBM, Intel, Microsoft, NSF, or the U.S. Government or any of its agencies.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
* * *. AMD platform for trustworthy computing. In WinHEC, Sept. 2003.
* * *. Secure Krtual Machine Architecture Reference Manual. AMD Corp., May 2005.
N. Appliance. Postmark: A new file system benchmark. Available at http://www.netapp.com/techlibrary/3022.html, 2004.
W. Arbaugh. Personal communication, May 2005.
D. Boggs, A. Baktha, J. Hawkins, D. Marr, J. Miller, P. Roussel, R. Singhal, B. Toll, and K. Venkatraman. The microarchitecture of the Intel Pentium 4 processor on 90nm technology. Intel Technology Journal, 8(01), Feb. 2004.
B. Chen and R. Morris. Certifying program execution with secure procesors. In Proceedings of HotOS IX, 2003.
A. Chuvakin. Ups and downs of unixtlinux host-based security solutions. ogin: The Magazine of USENIX and SAGE, 28(2), Apr. 2003.
F. S. Foundation. superopt-finds the shortest instruction sequence for a given function. http://www.gnu.org/directory/devel/compilers/superopt.html.
T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A virtual machinebased platform for trusted computing. In In Proceedings of ACM Symposium on Operating Systems Principles (SOSP), 2003.
Intel Corp. LaGrande Technology Architectural Overview, September 2003.
Intel Corporation. IA32 Intel Architecture Software Developer’s Manual Vo1.I.
K. J. Jones. Loadable Kemel Modules. ;login: The Magazine of USENIX and SAGE, 26(7), Nov. 2001.
R. Joshi, G. Nelson, and K. Randall. Denali: a goal-directed superoptimizer. In Proceedings of ACM Conference on Programming Language Design and Implementation (PLDI), pages 304–314,2002.
R. Kennel1 and L. Jamieson. Establishing the genuinity of remote computer systems. In Proceedings of USENIX Security Symposium, Aug. 2003.
S. King and P. Chen. Backtracking intrusions. In Proceedings of the ACM Symposium on Operating Systems Principles (SOSP), pages 223–236,2003.
A. Klimov and A. Shamir. A new class of invertible mappings. In CHES’ 02: Revised Papersfiom the 4th International Workshop on Cryptographic Hardware and Embedded Systems, pages 470–483,2003.
N. Petroni, T. Fraser, J. Molina, and W. Arbaugh. Copilot-a coprocessor-based kernel runtime integrity monitor. In Proceedings of USENIX Security Symposium, pages 179–194,2004.
R. Sailer, X. Zhang, T. Jaeger, and L. van Doom. Design and implementation of a TCGbased integrity measurement architecture. In Proceedings of USENIX Security Symposium, pages 223–238,2004.
A. Seshadri, A. Perrig, L. van Doom, and P. Khosla. SWATT. Software-based attestation for embedded devices. In Proceedings of lEEE Symposium on Security and Privacy, May 2004.
U. Shankar, M. Chew, and J. D. Tygar. Side effects are not sufficient to authenticate software. In Proceedings of USENIX Security Symposium, pages 89–101, Aug. 2004.
E. Shi, A. Perrig, and L. van Doom. Bind: A fine-grained attestation service for secure distributed systems. In Proc. of the ZEEE Symposium on Security and Privacy, pages 154–168,2005.
Trusted Computing Group (TCG). https://www.trustedcomputinggroup.org/, 2003.
Tripwire. http://sourceforge.net/projects/tripwire/.
VMware. http://www.vmware.corn/.
X. Wang, Y. Yin, and H. Yu. Finding collisions in the full sha-I. In Proceedings of Crypto,Aug. 2005.
Y. Wang, R. Roussev, C. Verbowski, A. Johnson, and D. Ladd. Askstrider: What has changed on my machine lately? Technical Report MSR-TR-2004-03, Microsoft Research, 2004.
Y. Wang, B. Vo, R. Roussev, C. Verbowski, and A. Johnson. Strider GhostBuster: Why it’s a bad idea for stealth software to hide files. Technical Report MSR-TR-2004-71, Microsoft Research, 2004.
G. Wurster, P. van Oorschot, and A. Somayaji. A generic attack on checksumming-based software tamper resistance. In Proceedings of IEEE Symposium on Security and Privacy,May 2005.
D. Zovi. Kemel rootkits. http://www.cs.unm.edu/∼ghandi/lkr.pdf.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer Science+Business Media, LLC.
About this paper
Cite this paper
Seshadri, A., Luk, M., Perrig, A., van Doom, L., Khosla, P. (2007). Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems. In: Christodorescu, M., Jha, S., Maughan, D., Song, D., Wang, C. (eds) Malware Detection. Advances in Information Security, vol 27. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-44599-1_12
Download citation
DOI: https://doi.org/10.1007/978-0-387-44599-1_12
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-32720-4
Online ISBN: 978-0-387-44599-1
eBook Packages: Computer ScienceComputer Science (R0)