ملخص
This paper presents an improvement of control flow attestation (C-FLAT) for Linux. C-FLAT is a control attestation system for embedded devices. It was implemented as a software executing in ARM’s TrustZone on bare-metal devices. We extend the design and implementation of C-FLAT through the use of a type 2 Nanovisor in the Linux operating system. We call our improved system “C-FLAT Linux”. Compared to the original C-FLAT, C-FLAT Linux reduces processing overheads and is able to detect the SlowLoris attack. We describe the architecture of C-FLAT Linux and provide extensive measurements of its performance in benchmarks and real-world scenarios. In addition, we demonstrate the detection of the SlowLoris attack on the Apache web server.
اللغة الأصلية | الإنجليزيّة |
---|---|
رقم المقال | 2669 |
دورية | Applied Sciences (Switzerland) |
مستوى الصوت | 12 |
رقم الإصدار | 5 |
المعرِّفات الرقمية للأشياء | |
حالة النشر | نُشِر - 1 مارس 2022 |
منشور خارجيًا | نعم |