Accéder directement au contenu Accéder directement à la navigation
Communication dans un congrès

Detecting Fault Injection Attacks with Runtime Verification

Abstract : Fault injections are increasingly used to attack/test secure applications. In this paper, we define formal models of runtime monitors that can detect fault injections that result in test inversion attacks and arbitrary jumps in the control flow. Runtime verification monitors offer several advantages. The code implementing a monitor is small compared to the entire application code. Monitors have a formal semantics; and we prove that they effectively detect attacks. Each monitor is a module dedicated to detecting an attack and can be deployed as needed to secure the application. A monitor can run separately from the application or it can be weaved inside the application. Our monitors have been validated by detecting simulated attacks on a program that verifies a user PIN.
Type de document :
Communication dans un congrès
Liste complète des métadonnées

Littérature citée [76 références]  Voir  Masquer  Télécharger

https://hal.archives-ouvertes.fr/hal-02283434
Contributeur : Yliès Falcone <>
Soumis le : mardi 1 octobre 2019 - 17:29:50
Dernière modification le : jeudi 19 novembre 2020 - 13:02:10

Fichier

Identifiants

Collections

Citation

Ali Kassem, Yliès Falcone. Detecting Fault Injection Attacks with Runtime Verification. SPRO 2019 - 3rd International Workshop on Software PROtection, Nov 2019, Londres, United Kingdom. pp.65-76, ⟨10.1145/3338503.3357724⟩. ⟨hal-02283434⟩

Partager

Métriques

Consultations de la notice

139

Téléchargements de fichiers

202