YoVDO

C-FLAT - Control-Flow Attestation for Embedded Systems Software

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Cybersecurity Courses Software Security Courses Remote Attestation Courses

Course Description

Overview

Explore a conference talk from CCS 2016 that introduces C-FLAT: Control-FLow Attestation for Embedded Systems Software. Delve into the motivation behind this technology, recent vulnerabilities, and the principles of remote attestation. Examine the problem space of runtime attacks and related work before discovering the authors' contributions and assumptions. Gain insights into the C-FLAT architecture, including its big picture and loop handling techniques. Learn about the prototype architecture, binary instrumentation, and the application of C-FLAT to a syringe pump main function. Analyze final hash measurements, C-FLAT logs for PUSH actions, and potential attacks on the syringe pump. Evaluate the performance impact and engage in a discussion before reaching the conclusion of this 24-minute presentation by researchers from TU Darmstadt, Aalto University, Trustonic, and the University of California, Irvine.

Syllabus

Intro
Motivation
Recent Vulnerabilities
Principle of Remote Attestation
History of Remote Attestation
Problem Space of Runtime Attacks
Related Work
Our Contributions
Assumptions
C-FLAT: Big Picture
C-FLAT: Loop Handling
Prototype Architecture
Binary Instrumentation
Applying C-FLAT to Syringe Pump main
Final Hash Measurements
C-FLAT Log for PUSH action
Attacking the Syringe Pumb
Performance Impact
Discussion
Conclusion


Taught by

ACM CCS

Related Courses

Peeling the Onion's User Experience Layer - Examining Naturalistic Use of the Tor Browser
Association for Computing Machinery (ACM) via YouTube
DeepCorr - Strong Flow Correlation Attacks on Tor Using Deep Learning
Association for Computing Machinery (ACM) via YouTube
SandScout - Automatic Detection of Flaws in iOS Sandbox Profiles
Association for Computing Machinery (ACM) via YouTube
Game of Decoys - Optimal Decoy Routing Through Game Theory
Association for Computing Machinery (ACM) via YouTube
PREDATOR - Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration
Association for Computing Machinery (ACM) via YouTube