Relevant bibliographies by topics / Software-based attestation

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Book chapters
  4. Conference papers

Academic literature on the topic 'Software-based attestation'

Author: Grafiati
Published: 5 June 2025
Last updated: 24 June 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Software-based attestation.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Software-based attestation"

1

Vieira Steiner, Rodrigo, and Emil Lupu. "Towards more practical software-based attestation." Computer Networks 149 (February 2019): 43–55. http://dx.doi.org/10.1016/j.comnet.2018.11.003.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Heo, Kyung-Soo, Hyun-Woo Choi, Hyun-Su Jang, and Young-Ik Eom. "Mutual Attestation Protocol using Software-based Attestation Scheme in Sensor Network Environments." KIPS Transactions:PartC 15C, no. 1 (2008): 9–18. http://dx.doi.org/10.3745/kipstc.2008.15-c.1.9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Brandão, Luís T. A. N., Carlos E. C. Galhardo, and René Peralta. "ZKASP: ZKP-based attestation of software possession for measuring instruments." Measurement Science and Technology 33, no. 6 (2022): 064001. http://dx.doi.org/10.1088/1361-6501/ac5438.

Full text
Abstract:
Abstract Software-controlled measuring instruments used in commercial transactions, such as fuel dispensers and smart meters, are sometimes subject to ‘memory replacement’ attacks. Cybercriminals replace the approved software by a malicious one that then tampers with measurement results, inflicting a financial loss to customers and companies. To mitigate such attacks, legal metrology systems often require regular device attestation, where an auditor checks that the device possesses (‘knows’) the approved software. However, current attestation methods usually require the software to be known by the auditor, thus increasing the risk of inadvertent leakage or malicious theft of proprietary information, besides facilitating its malicious adulteration. We describe how this issue can be addressed in legal metrology systems by using zero-knowledge proofs of knowledge (ZKPoK). These proofs enable attestation of possession of approved software, while ensuring its confidentiality from the auditor. To further provide publicly verifiable evidence of freshness, each such proof can be related to a fresh random value from a public randomness beacon. This article presents the basic conceptual idea, while also discussing pitfalls that should be avoided.
APA, Harvard, Vancouver, ISO, and other styles
4

Ho, Jun-Won. "Distributed Software-Attestation Defense against Sensor Worm Propagation." Journal of Sensors 2015 (2015): 1–6. http://dx.doi.org/10.1155/2015/874782.

Full text
Abstract:
Wireless sensor networks are vulnerable to sensor worm attacks in which the attacker compromises a few nodes and makes these compromised nodes initiate worm spread over the network, targeting the worm infection of the whole nodes in the network. Several defense mechanisms have been proposed to prevent worm propagation in wireless sensor networks. Although these proposed schemes use software diversity technique for worm propagation prevention under the belief that different software versions do not have common vulnerability, they have fundamental drawback in which it is difficult to realize the aforementioned belief in sensor motes. To resolve this problem, we propose on-demand software-attestation based scheme to defend against worm propagation in sensor network. The main idea of our proposed scheme is to perform software attestations against sensor nodes in on-demand manner and detect the infected nodes by worm, resulting in worm propagation block in the network. Through analysis, we show that our proposed scheme defends against worm propagation in efficient and robust manner. Through simulation, we demonstrate that our proposed scheme stops worm propagation at the reasonable overhead while preventing a majority of sensor nodes from being infected by worm.
APA, Harvard, Vancouver, ISO, and other styles
5

Li, Hongchao, Tao Shen, Fenhua Bai, and Bei Gong. "Blockchain-Assisted Distributed Fog Computing Control Flow Attestation." Security and Communication Networks 2022 (August 28, 2022): 1–17. http://dx.doi.org/10.1155/2022/6128155.

Full text
Abstract:
The control flow hijacking attack poses a serious threat to the integrity of the software. The attacker exploits the loophole to hijack the control flow of the running program to achieve the purpose of the attack. Remote control flow attestation is a method for embedded devices to ensure the integrity of the software. With the continuous development of Internet of Things (IoT) technology, embedded devices have exploded. None of the existing control flow attestation schemes can adapt to the real-time attestation requests of such massive embedded devices. This paper proposes a blockchain-assisted distributed fog computing control flow attestation scheme BDFCFA to deal with this scenario. The scheme uses a simplified control flow representation model, which can effectively represent the control flow of the program and reduce the runtime overhead of the prover in the attestation process. We use SGX technology to protect the integrity and confidentiality of verifier and prover data during the attestation process. Our proposed bidirectional control flow attestation protocol based on the elliptic curve can greatly protect the communication security between verifiers and provers without incurring excessive performance overhead and communication cost. We evaluate the performance of BDFCFA through the SNU real-time benchmark and demonstrate that BDFCFA has better performance. Finally, compared to the existing remote control flow attestation scheme, the results show that BDFCFA has the highest security.
APA, Harvard, Vancouver, ISO, and other styles
6

Kylänpää, Markku, and Jarno Salonen. "Combining System Integrity Verification with Identity and Access Management." European Conference on Cyber Warfare and Security 21, no. 1 (2022): 140–49. http://dx.doi.org/10.34190/eccws.21.1.202.

Full text
Abstract:
Digital transformation and the utilization of Industrial IoT (IIoT) introduces numerous interconnected devices to factories increasing among others the challenge of managing their software versions and giving attackers new possibilities to exploit various software vulnerabilities.
 Factory networks were earlier isolated from the Internet. However, this separation is no longer valid and there can be connections that allow intruders to penetrate into information systems of factories. Another issue is that although factories typically are physically isolated, it is not necessarily safe to assume that physical security is in good shape as the novel supply networks comprise subcontracted activities and temporary work force. Another threat can also arise from unauthorized monitoring of devices and the unauthorized replacement of existing ones.
 Based on the previous, it is crucial that IIoT security should be built into factories of the future (FoF) right from the design phase and even low-end devices need to be supported. Trusted computing concept called remote attestation should be used. Remote attestation allows remote parties to verify the integrity of each system component. System components should include trusted hardware components that can be used to measure executable software. The term measurement means calculating the cryptographic hash of the binary component before passing control to it. Trusted hardware components should also have a mechanism to protect the integrity of the measurement list and cryptographic keys that can be used to sign integrity assertions. The verifier part should have a storage of reference integrity metrics identifying the expected values of these measurements.
 Deploying trusted computing and remote attestation concepts to industrial automation is not straightforward. Even if it is possible to use remote attestation with suitable hardware components, it is not clear how remote attestation should be integrated with various operational technology (OT) industrial automation protocols. Approaches to use remote attestation with existing industrial automation protocols (e.g., OPC UA) is discussed. Advanced identity and access management (e.g., OAuth2, OpenID Connect) can be used to combine integrity measurements with device identity information so that the remote attestation process is triggered by authentication during the first transaction. The focus is on machine-to-machine (M2M) communications with immutable device identities and integrity evidence transfer.
APA, Harvard, Vancouver, ISO, and other styles
7

Vasileva, Margarita, and Milena Lambeva. "INTELLIGENT METHODS FOR ATTESTATION OF SCIENTIFIC AND TEACHING STAFF. RASCH MODEL." Environment. Technology. Resources. Proceedings of the International Scientific and Practical Conference 2 (June 15, 2017): 171. http://dx.doi.org/10.17770/etr2017vol2.2665.

Full text
Abstract:
Introduced in many universities quality management systems suggest the development of appropriate technologies for the assessment of learning results. Unfortunately, some of the real tasks remain outside the scope of the systems due to complexity, non-formalization, unawareness or lack of adequate mathematical models, software and more. Such is the task of attestation of the research and teaching staff, which is being periodically solved in universities. The work proposed model for the formalization of the problem of attestation of scientific and pedagogical staff, based on an adapted version of the one-parameter Rasch model for dichotomic data. The model allows software implementation and help to reduce the subjectivism in evaluating the performance of teachers in universities.
APA, Harvard, Vancouver, ISO, and other styles
8

Dietrich, Kurt. "On Reliable Platform Configuration Change Reporting Mechanisms for Trusted Computing Enabled Platforms." JUCS - Journal of Universal Computer Science 16, no. (4) (2010): 507–18. https://doi.org/10.3217/jucs-016-04-0507.

Full text
Abstract:
One of the most important use-cases of Trusted Computing is Remote Attestation. Itallows platforms to get a trustworthy proof of the loaded software and current configuration of certain remote platforms, thereby enabling them to make decisions about the remote platforms'trust status. Common concepts like Internet Protocol security or Transport Layer Security make these decisions based on shared secrets or certificates issued by third parties. Unlike remote at-testation, these concepts do not take the current configuration or currently loaded software of the platforms into account. Consequently, combining remote attestation and existing secure channelconcepts can solve the long lasting problem of secure channels that have to rely on insecure channel endpoints. Although this gap can now be closed by Trusted Computing, one important prob-lem remains unsolved: A platform's configuration changes everytime new software is loaded. Consequently, a reliable and in-time method to provide a proof for this configuration change -especially on multiprocess machines - is required to signal the platforms involved in the communication that a configuration change of the respectively other platform has taken place. Ourresearch results show that a simple reporting mechanism can be integrated into current Trusted Platform Modules and Transport Layer Security implementations with a few additional TrustedPlatform Modules commands and a few extensions to the TLS protocol.
APA, Harvard, Vancouver, ISO, and other styles
9

Ankergård, Sigurd Frej Joel Jørgensen, Edlira Dushku, and Nicola Dragoni. "State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things." Sensors 21, no. 5 (2021): 1598. http://dx.doi.org/10.3390/s21051598.

Full text
Abstract:
The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure the legitimate state of an IoT device. While many RA approaches proposed in the literature make different assumptions regarding the architecture of IoT devices and adversary capabilities, most typical RA schemes rely on minimal Root of Trust by leveraging hardware that guarantees code and memory isolation. However, the presence of a specialized hardware is not always a realistic assumption, for instance, in the context of legacy IoT devices and resource-constrained IoT devices. In this paper, we survey and analyze existing software-based RA schemes (i.e., RA schemes not relying on specialized hardware components) through the lens of IoT. In particular, we provide a comprehensive overview of their design characteristics and security capabilities, analyzing their advantages and disadvantages. Finally, we discuss the opportunities that these RA schemes bring in attesting legacy and resource-constrained IoT devices, along with open research issues.
APA, Harvard, Vancouver, ISO, and other styles
10

Qin, Yu, Jingbin Liu, Shijun Zhao, Dengguo Feng, and Wei Feng. "RIPTE: Runtime Integrity Protection Based on Trusted Execution for IoT Device." Security and Communication Networks 2020 (September 23, 2020): 1–14. http://dx.doi.org/10.1155/2020/8957641.

Full text
Abstract:
Software attacks like worm, botnet, and DDoS are the increasingly serious problems in IoT, which had caused large-scale cyber attack and even breakdown of important information infrastructure. Software measurement and attestation are general methods to detect software integrity and their executing states in IoT. However, they cannot resist TOCTOU attack due to their static features and seldom verify correctness of control flow integrity. In this paper, we propose a novel and practical scheme for software trusted execution based on lightweight trust. Our scheme RIPTE combines dynamic measurement and control flow integrity with PUF device binding key. Through encrypting return address of program function by PUF key, RIPTE can protect software integrity at runtime on IoT device, enabling to prevent the code reuse attacks. The results of our prototype’s experiment show that it only increases a small size TCB and has a tiny overhead in IoT devices under the constraint on function calling. In sum, RIPTE is secure and efficient in IoT device protection at runtime.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Software-based attestation"

1

Faxö, Elias. "Trusted terminal-based systems." Thesis, Linköpings universitet, Institutionen för systemteknik, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-69589.

Full text
Abstract:
Trust is a concept of increasing importance in today’s information systems where information storage and generation to a higher extent is distributed among several entities throughout local or global networks. This trend in information science requires new ways to sustain the information security in the systems. This document defines trust in the context of a terminal-based system and analyzes the architecture of a distributed terminal-based system using threat modeling tools to elicit the prerequisites for trust in such a system. The result of the analysis is then converted into measures and activities that can be performed to fulfill these prerequisites. The proposed measures include hardware identification and both hardware and software attestation supported by the Trusted Computing Group standards and Trusted Platform Modules that are included in a connection handshake protocol. The proposed handshake protocol is evaluated against a practical case of a terminal-based casino system where the weaknesses of the protocol, mainly the requirement to build a system-wide Trusted Computing Base, are made evident. Proposed solutions to this problem such as minimization of the Trusted Computing Base are discussed along with the fundamental reason of the problem and the future solutions using the next generation of CPUs and Operating System kernels.
APA, Harvard, Vancouver, ISO, and other styles
2

(5930405), Jongho Won. "Security techniques for drones." Thesis, 2019.

Find full text
Abstract:
<div>Unmanned Aerial Vehicles (UAVs), commonly known as drones, are aircrafts without a human pilot aboard. The flight of drones can be controlled with a remote control by an operator located at the ground station, or fully autonomously by onboard computers. Drones are mostly found in the military. However, over the recent years, they have attracted the interest of industry and civilian sectors. <br></div><div>With the recent advance of sensor and embedded device technologies, various sensors will be embedded in city infrastructure to monitor various city-related information. In this context, drones can be effectively utilized in many safety-critical applications for collecting data from sensors on the ground and transmitting configuration instructions or task requests to these sensors.</div><div> <br></div><div>However, drones, like many networked devices, are vulnerable to cyber and physical attacks.<br></div><div>Challenges for secure drone applications can be divided in four aspects: 1) securing communication between drones and sensors, 2) securing sensor localization when drones locate sensors, 3) providing secure drone platforms to protect sensitive data against physical capture attacks and detect modifications to drone software, and 4) protecting secret keys in drones under white-box attack environments.<br></div><div> <br></div><div>To address the first challenge, a suite of cryptographic protocols is proposed. The protocols are based on certificateless cryptography and support authenticated key agreement, non-repudiation and user revocation. To minimize the energy required by a drone, a dual channel strategy is introduced.<br></div><div>To address the second challenge, a drone positioning strategy and a technique that can filter out malicious location references are proposed.<br></div><div>The third challenge is addressed by a solution integrating techniques for software-based attestation and data encryption.<br></div><div>For attestation, free memory spaces are filled with pseudo-random numbers, which are also utilized to encrypt data collected by the drone like a stream cipher.<br></div>A dynamic white-box encryption scheme is proposed to address the fourth challenge. Short secret key are converted into large look-up tables and the tables are periodically shuffled by a shuffling mechanism which is secure against white-box attackers.
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Software-based attestation"

1

Li, Yanlin, Jonathan M. McCune, and Adrian Perrig. "SBAP: Software-Based Attestation for Peripherals." In Trust and Trustworthy Computing. Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-13869-0_2.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Shaneck, Mark, Karthikeyan Mahadevan, Vishal Kher, and Yongdae Kim. "Remote Software-Based Attestation for Wireless Sensors." In Security and Privacy in Ad-hoc and Sensor Networks. Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11601494_3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Li, Li, Hong Hu, Jun Sun, Yang Liu, and Jin Song Dong. "Practical Analysis Framework for Software-Based Attestation Scheme." In Formal Methods and Software Engineering. Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-11737-9_19.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Qian, Hanwei, Ming Yuan, and Lingling Xia. "Research on Remote Attestation Technology Based on Formal Software Behavior Measurement." In Communications in Computer and Information Science. Springer Singapore, 2020. http://dx.doi.org/10.1007/978-981-15-8101-4_19.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Zeiser, Maximilian, and Dirk Westhoff. "Re-visited: On the Value of Purely Software-Based Code Attestation for Embedded Devices." In Innovations for Community Services. Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-49466-1_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Srinivasan, Raghunathan, Partha Dasgupta, Tushar Gohad, and Amiya Bhattacharya. "Determining the Integrity of Application Binaries on Unsecure Legacy Machines Using Software Based Remote Attestation." In Information Systems Security. Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-17714-9_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Anto Ajisha Shriny, M., and Chungath Srinivasan. "Design and Implementation of the Protocol for Secure Software-Based Remote Attestation in IoT Devices." In Advances in Intelligent Systems and Computing. Springer Singapore, 2020. http://dx.doi.org/10.1007/978-981-15-2475-2_17.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Mat Nor, Fazli Bin, Kamarularifin Abd Jalil, and Jamalul-lail Ab Manan. "Remote User Authentication Scheme with Hardware-Based Attestation." In Software Engineering and Computer Systems. Springer Berlin Heidelberg, 2011. http://dx.doi.org/10.1007/978-3-642-22191-0_38.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

"Software-Based Attestation." In Encyclopedia of Cryptography and Security. Springer US, 2011. http://dx.doi.org/10.1007/978-1-4419-5906-5_1225.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Algawi, Asaf, Michael Kiperberg, Roee Shimon Leon, Amit Resh, and Nezer Jacob Zaidenberg. "Modern Blue Pills and Red Pills." In Encyclopedia of Criminal Activities and the Deep Web. IGI Global, 2020. http://dx.doi.org/10.4018/978-1-5225-9715-5.ch078.

Full text
Abstract:
This article presents the concept of blue pill, a stealth hypervisor-based rootkit, that was introduced by Joanna Rutkowska in 2006. The blue pill is a malicious thin hypervisor-based rootkit that takes control of the victim machine. Furthermore, as the blue pill does not run under the operating system context, the blue pill is very difficult to detect easily. The red pill is the competing concept (i.e., a forensics software that runs on the inspected machine and detects the existence of malicious hypervisor or blue pill). The concept of attestation of a host ensuring that no hypervisor is running was first introduced by Kennel and Jamieson in 2002. Modern advances in hypervisor technology and hardware-assisted virtualization enables more stealth and detection methods. This article presents all the recent innovation in stealth blue pills and forensics red pills.
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Software-based attestation"

1

Agrawal, Krish, Jha Rohan, Nishkarsh Luthra, Pilla Venkata Sekhar, Hrishesh Sharma, and Gourinath Banda. "Advancing Software-Defined Vehicles: An End-to-End Framework with Digital Twin Based Attestation for OTA Updates." In 2025 17th International Conference on COMmunication Systems and NETworks (COMSNETS). IEEE, 2025. https://doi.org/10.1109/comsnets63942.2025.10885560.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Peiqiang, Chen, Jorgen Boegh, and Yuan Yuyu. "Software Behavior Based Trusted Attestation." In 2011 International Conference on Measuring Technology and Mechatronics Automation (ICMTMA). IEEE, 2011. http://dx.doi.org/10.1109/icmtma.2011.645.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Jakobsson, Markus, and Karl-Anders Johansson. "Practical and Secure Software-Based Attestation." In Privacy: Devices, Protocols, and Applications. IEEE, 2011. http://dx.doi.org/10.1109/lightsec.2011.8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Sundar, Shyam, Prabhakara Yellai, Siva Sankara Sai Sanagapati, Prayas Chandra Pradhan, and Sai Kiran Kumar Reddy Y. "Remote Attestation based Software Integrity of IoT devices." In 2019 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS). IEEE, 2019. http://dx.doi.org/10.1109/ants47819.2019.9117946.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Preschern, Christopher, Andreas Johann Hormer, Nermin Kajtazovic, and Christian Kreiner. "Software-Based Remote Attestation for Safety-Critical Systems." In 2013 IEEE 6th International Conference On Software Testing, Verification and Validation Workshops (ICSTW). IEEE, 2013. http://dx.doi.org/10.1109/icstw.2013.7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

AbuHmed, Tamer, Nandinbold Nyamaa, and DaeHun Nyang. "Software-Based Remote Code Attestation in Wireless Sensor Network." In GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference. IEEE, 2009. http://dx.doi.org/10.1109/glocom.2009.5425280.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Castelluccia, Claude, Aurélien Francillon, Daniele Perito, and Claudio Soriente. "On the difficulty of software-based attestation of embedded devices." In the 16th ACM conference. ACM Press, 2009. http://dx.doi.org/10.1145/1653662.1653711.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Srinivasan, Raghunathan, Partha Dasgupta, and Tushar Gohad. "Software Based Remote Attestation for OS Kernel and User Applications." In 2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust (PASSAT) / 2011 IEEE Third Int'l Conference on Social Computing (SocialCom). IEEE, 2011. http://dx.doi.org/10.1109/passat/socialcom.2011.76.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Yang, Yi, Xinran Wang, Sencun Zhu, and Guohong Cao. "Distributed Software-based Attestation for Node Compromise Detection in Sensor Networks." In 2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007). IEEE, 2007. http://dx.doi.org/10.1109/srds.2007.31.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Yang, Yi, Xinran Wang, Sencun Zhu, and Guohong Cao. "Distributed Software-based Attestation for Node Compromise Detection in Sensor Networks." In 2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007). IEEE, 2007. http://dx.doi.org/10.1109/srds.2007.4365698.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Software-based attestation' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography