custos practical tamper evident auditing of operating
play

Custos: Practical Tamper-Evident Auditing of Operating Systems - PowerPoint PPT Presentation

Oct 29, 2022 •143 likes •730 views

Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution Riccardo Paccagnella, Pubali Datta, Wajih Ul Hassan, Adam Bates, Christopher W. Fletcher, Andrew Miller, Dave Tian Logs Are Useful 2 Custos: Practical

  1. Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution Riccardo Paccagnella, Pubali Datta, Wajih Ul Hassan, Adam Bates, Christopher W. Fletcher, Andrew Miller, Dave Tian

  2. Logs Are Useful 2 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  3. Logs Are Useful • 75% of incident response specialists said logs are the most valuable artifact during an investigation. 1 1 Carbon Black Quarterly Incident Response Threat Report April 2019 3 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  4. Logs Are Useful • 75% of incident response specialists said logs are the most valuable artifact during an investigation. 1 1 Carbon Black Quarterly Incident Response Threat Report April 2019 4 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  5. 5 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  6. 6 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  7. Attack Model Attack pattern: 1. Initial Access 2. Establish Foothold 3. Download Exploit 4. Privilege Escalation 5. Log Tampering 7 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  8. Attack Model Attack pattern: 1. Initial Access 2. Establish Foothold Logs about the compromise 3. Download Exploit are crucial for forensics! 4. Privilege Escalation 5. Log Tampering 8 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  9. Attack Model Attack pattern: If the attacker does not tamper with them, we can detect the attack. 1. Initial Access 2. Establish Foothold Logs about the compromise 3. Download Exploit are crucial for forensics! 4. Privilege Escalation 5. Log Tampering 9 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  10. Attack Model Attack pattern: If the attacker does not tamper with them, we can detect the attack. 1. Initial Access 2. Establish Foothold Logs about the compromise 3. Download Exploit are crucial for forensics! 4. Privilege Escalation If the attacker tampers 5. Log Tampering with them, we can’t detect the attack. 10 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  11. Attack Model Attack pattern: 1. Initial Access 2. Establish Foothold 3. Download Exploit 4. Privilege Escalation 5. Log Tampering 11 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  12. Attack Model Attack pattern: 1. Initial Access 2. Establish Foothold 3. Download Exploit 4. Privilege Escalation 5. Log Tampering 6. Lateral Movement 12 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  13. Attack Model Attack pattern: 1. Initial Access 2. Establish Foothold 3. Download Exploit 4. Privilege Escalation Central Server? 5. Log Tampering 6. Lateral Movement 13 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  14. Attack Model Attack pattern: 1. Initial Access Logs 2. Establish Foothold 3. Download Exploit 4. Privilege Escalation Integrity proofs 5. Log Tampering 6. Lateral Movement 14 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  15. Design Overview 15 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  16. Design Overview 1) TAMPER-EVIDENT LOGGING 16 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  17. Design Overview 1) TAMPER-EVIDENT 2) AUDITING LOGGING 17 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  18. Logger 18 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  19. sk // secret key Logger ENCLAVE 19 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  20. ! = #$% &' ()*&+( , - || … || , + ||0)) sk // secret key c // counter Logger H // current hash Logging: H .Update( m i ) ENCLAVE 20 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  21. ! = #$% &' ()*&+( , - || … || , + ||0)) sk // secret key c // counter Logger H // current hash Logging: H .Update( m 1 ) m 1 ENCLAVE 21 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  22. ! = #$% &' ()*&+( , - || … || , + ||0)) sk // secret key c // counter Logger H // current hash Logging: H .Update( m 2 ) m 1 m 2 ENCLAVE 22 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  23. ! = #$% &' ()*&+( , - || … || , + ||0)) sk // secret key c // counter Logger H // current hash Logging: H .Update( m h ) m 1 m 2 … m h ENCLAVE 23 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  24. ! = #$% &' ()*&+( , - || … || , + ||0)) sk // secret key c // counter Logger H // current hash Logging: H .Update( m h ) m 1 m 2 … m h ENCLAVE 24 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  25. ! = #$% &' ()*&+( , - || … || , + ||0)) sk // secret key c // counter Logger H // current hash Logging: H .Update( m h ) m 1 Auditor m 2 … m h ENCLAVE 25 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  26. " = $%& '( (*+',( - . || … || - , ||1)) sk // secret key c // counter Logger H // current hash Logging: H .Update( m h ) m 1 Commitment: Auditor m 2 H .Update(c) … ! = Sig sk ( H ) m h H .Init() c ++ ENCLAVE 26 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  27. Auditing 1) CENTRALIZED AUDITING 27 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  28. Auditing 1) CENTRALIZED 2) DECENTRALIZED AUDITING AUDITING 28 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  29. Decentralized Auditing Logger+Auditor Logger+Auditor Logger+Auditor Logger+Auditor 29 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  30. Auditor z Logger v ENCLAVE pk v -> public key of v 30 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  31. Auditor z audit challenge 1 Logger v ENCLAVE pk v -> public key of v 31 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  32. ! = #$% &' ( (*+&,( - . || … || - , ||1)) Auditor z audit challenge 1 Logger v ENCLAVE pk v -> public key of v 32 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  33. ! = #$% &' ( (*+&,( - . || … || - , ||1)) Auditor z audit challenge 1 logs and 3 2 Logger v ENCLAVE pk v -> public key of v 33 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  34. " = $%& '( ) (+,'-( . / || … || . - ||2)) Verification ( ! , m 1 , …, m h , c): Auditor z audit challenge 1 H = Hash ( m 1 || … || m h || c ) result = Ver pk_v ( ! , H ) logs and ! 2 Logger v ENCLAVE pk v -> public key of v 34 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  35. Security Analysis 35 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  36. Security Analysis sk // secret key Logger v c // counter H // current hash Logging: H .Update( m i ) ENCLAVE 36 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  37. Security Analysis sk // secret key Logger v c // counter H // current hash Logging: H .Update( m h ) m 1 Attack pattern: m 2 1. Initial Access … 2. Establish Foothold m h 3. Download Exploit 4. Privilege Escalation ENCLAVE 37 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

  38. Security Analysis sk // secret key Logger v c // counter H // current hash Logging: H .Update( m h ) m 1 m’ 1 Attack pattern: m 2 m’ 2 1. Initial Access … … 2. Establish Foothold m h m’ k 3. Download Exploit 4. Privilege Escalation 5. Log tampering ENCLAVE 38 Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution – Riccardo Paccagnella

Recommend

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas Massachusetts Institute of Technology L C S Cases for Physical Security Applications

519 views • 23 slides
Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice

Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice

Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice University Everyone has logs Tamper evident solutions Current commercial solutions Write only hardware appliances Security depends on

1.32k views • 82 slides
TAMPER EVIDENT BYPASSES BY MOS AND BOO THE PACKAGING COUNCIL OF AUSTRALIA Packaging which

TAMPER EVIDENT BYPASSES BY MOS AND BOO THE PACKAGING COUNCIL OF AUSTRALIA Packaging which

TAMPER EVIDENT BYPASSES BY MOS AND BOO THE PACKAGING COUNCIL OF AUSTRALIA Packaging which possesses a barrier to entry which, if breached or missing, will provide visible evidence to consumers that tampering had occurred MESOPOTAMIAN

516 views • 30 slides
New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent

New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent

New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent Immler, Karthik Uppund Conference on Cryptographic Hardware and Embedded Systems, Atlanta, Aug 26, 2019 PUF in a Nutshell: Biometrics of Objects PUF

403 views • 21 slides
VoteBox: a verifiable, tamper-evident electronic voting system

VoteBox: a verifiable, tamper-evident electronic voting system

VoteBox: a verifiable, tamper-evident electronic voting system Daniel R. Sandler Rice University

1.38k views • 86 slides
MA Final Talk: Tamper-Evident Publication of Internet Measurements Max Helm Advisors: Oliver

MA Final Talk: Tamper-Evident Publication of Internet Measurements Max Helm Advisors: Oliver

Chair of Network Architectures and Services Department of Informatics Technical University of Munich MA Final Talk: Tamper-Evident Publication of Internet Measurements Max Helm Advisors: Oliver Gasser, Benjamin Hof, Quirin Scheitle July 16,

423 views • 26 slides
5/24/10 Modern Hardware is Complex Modern systems built on layers of hardware Tamper Evident

5/24/10 Modern Hardware is Complex Modern systems built on layers of hardware Tamper Evident

5/24/10 Modern Hardware is Complex Modern systems built on layers of hardware Tamper Evident Microprocessors Applications OS Hypervisor Motherboard/ Slave Chips Adam Waksman CPU Simha Sethumadhavan Complexity increases risk of

340 views • 4 slides
Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin

Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin

Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin and L Cranor Ranjit Randhawa Department of Computer Science Virginia Tech Outline Overview of Publius Anonymity tools Publius in

414 views • 13 slides
Tema Esquema Bsico da Contabilidade De Custos Projeto Engenharia de Produo Curso

Tema Esquema Bsico da Contabilidade De Custos Projeto Engenharia de Produo Curso

Tema Esquema Bsico da Contabilidade De Custos Projeto Engenharia de Produo Curso Custos Industriais Disciplina Esquema Bsico da Contabilidade de Custos Tema Luizete Aparecida Fabbris Professor Kenedy Rufino Introduo Como

380 views • 12 slides
MENSURANDO OS CUSTOS EM DO MODELO DE REMUNERAO DOS

MENSURANDO OS CUSTOS EM DO MODELO DE REMUNERAO DOS

APERFEIOAMENTO DA GESTO ASSISTENCIAL E MENSURANDO OS CUSTOS EM DO MODELO DE REMUNERAO DOS SADE PROVEDORES DE SERVIOS HOSPITALARES Srgio Lopez Bento

948 views • 53 slides
Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst

Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst

Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst Frankenberger University of Applied Sciences Lbeck SG 4: Auditing - Lbeck 16.09.2002 1 Remarks on Auditing, Regulatory Auditing and Regulatory

305 views • 16 slides
http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules

http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules

Design Principles for Tamper-Resistant Smartcard Processors Oliver Kmmerling Markus G. Kuhn ADSR Computer Laboratory http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules Microprobing Open the

465 views • 22 slides
Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1

Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1

Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1 Outline Overview What is auditing? What does an audit system look like? How do you design an auditing system? Auditing mechanisms

1.4k views • 88 slides
2/13/2014 What is Tamper Resistance? Resistance to tampering the device by either normal

2/13/2014 What is Tamper Resistance? Resistance to tampering the device by either normal

2/13/2014 What is Tamper Resistance? Resistance to tampering the device by either normal users or systems or others with physical Physical Attacks and Tamper Resistance access to it

449 views • 11 slides
Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge

Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge

Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge University of Erlangen/ Computer Laboratory Purdue University Applications of Tamper Resistant Modules Security of cryptographic applications is based

149 views • 12 slides
THE AUDITING OF SOCIAL ACCOUNTS SOME GENERAL CONSIDERATIONS INDEPENDENT AUDITING (with

THE AUDITING OF SOCIAL ACCOUNTS SOME GENERAL CONSIDERATIONS INDEPENDENT AUDITING (with

16/11/2012 THE AUDITING OF SOCIAL ACCOUNTS SOME GENERAL CONSIDERATIONS INDEPENDENT AUDITING (with certification) OF SOCIAL ACCOUNTS A DEBATE (CONSIDERING IN THIS CASE ONLY ITALY): A) ONLY VOLUNTARY B) COMPULSORY BY LAW 1

322 views • 7 slides
Building and Breaking Block Chains Merlin Corey Pandoblox Engineer Shellcon 2018 Who is that

Building and Breaking Block Chains Merlin Corey Pandoblox Engineer Shellcon 2018 Who is that

Building and Breaking Block Chains Merlin Corey Pandoblox Engineer Shellcon 2018 Who is that Merlin guy? Cryptography nerd Null Space Labs keyholder LayerOne Hardware Hacking Village Defcon Tamper Evident Village DC949

456 views • 45 slides
Auditing in the Public Interest Auditing in the Public Interest Victorian Government

Auditing in the Public Interest Auditing in the Public Interest Victorian Government

Victorian Auditor-Generals Office Auditing in the Public Interest Auditing in the Public Interest Victorian Government Solicitors Office Seminar 30 May 2007 Des Pearson - Auditor-General 1 Auditing in the Public Interest Personal

352 views • 20 slides
INNOVATIVE SOLUTIONS MEETING EXPECTATIONS Locations & Projects Auditing Auditing

INNOVATIVE SOLUTIONS MEETING EXPECTATIONS Locations & Projects Auditing Auditing

INNOVATIVE SOLUTIONS MEETING EXPECTATIONS Locations & Projects Auditing Auditing and assurance plays a crucial part of ensuring the safety and integrity of any diving system as well as ensuring safe and efficient diving

185 views • 14 slides
Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to

Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to

Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to tamper-proof journals EteSync doesn't need to! journals EteSync doesn't need to! stosb.com/talks Tom Hacohen tom@stosb.com FOSDEM 2018 @TomHacohen

498 views • 30 slides
Bitcoin CS 161: Computer Security Prof. David Wagner April 16, 2013 Special request: Please

Bitcoin CS 161: Computer Security Prof. David Wagner April 16, 2013 Special request: Please

Bitcoin CS 161: Computer Security Prof. David Wagner April 16, 2013 Special request: Please spread out! Pair up. Each pair, sit far away from anyone else. If youre just arriving, sit next to someone who is alone. Tamper-evident Audit Logs

508 views • 15 slides
Why Data Auditing is Important Arizona State Public Health Laboratory April 2019 Objectives

Why Data Auditing is Important Arizona State Public Health Laboratory April 2019 Objectives

Why Data Auditing is Important Arizona State Public Health Laboratory April 2019 Objectives Define data auditing Explain the importance of data auditing Data Auditing What does data mean to you? What is data auditing? When

648 views • 33 slides
Custos A Flexibly Secure Key-Value Storage Platform Andy Sayler www.andysayler.com University

Custos A Flexibly Secure Key-Value Storage Platform Andy Sayler www.andysayler.com University

Custos A Flexibly Secure Key-Value Storage Platform Andy Sayler www.andysayler.com University of Colorado, Boulder Masters of Science Computer Science Trust Who do we trust with our data? Today... Feature Provider Features Feature

2.39k views • 199 slides
Auditing : the good, the bad and the ugly A. Feinberg 14 Sep 2017 1 I must pay a debt of

Auditing : the good, the bad and the ugly A. Feinberg 14 Sep 2017 1 I must pay a debt of

Auditing : the good, the bad and the ugly A. Feinberg 14 Sep 2017 1 I must pay a debt of gratitude to DeWitt Beeler, who in an article published in the 1999 May Issue of Quality Progress provided me with a fresh look at auditing and

557 views • 41 slides

More recommend