Cryptographically Secure Detection of Injection Attacks

Title: Cryptographically Secure Detection of Injection Attacks
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Lu, Yun; Mitropoulos, Konstantinos; Ostrovsky, Rafail; Weinstock, Avraham; Zikas, Vassilis
Conference Name: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
Publisher: ACM
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-5693-0
Keywords: attestation, composability, Human Behavior, memory corruption, provable security, pubcrawl, Resiliency
Abstract: Direct Memory Access (DMA) attacks can allow attackers to access memory directly, bypassing OS supervision or software protections. In this work, we put forth and benchmark a cryptographically secure attestation scheme, which detects DMA attacks. In fact, our scheme detects any attack in a more general class of attacks which we call "direct injection". We prove security of our scheme under a realistic machine model which extends in a non-trivial manner a cryptographic model proposed by Lipton, Ostrovsky, and Zikas (ICALP 2016.) Despite the fact that our scheme, in its current form, protects against write-only attacks, both our security model and our scheme can be extended to allow the attacker to have additional read access to memory--thereby capturing leakage--as well as detecting more types of memory corruptions such as bit flips.
URL: http://doi.acm.org/10.1145/3243734.3278503
DOI: 10.1145/3243734.3278503
Citation Key: lu_cryptographically_2018