Towards a Backdoorless Network Architecture Based on Remote Attestation and Backdoor Inspection
Takayuki Sasaki, Yusuke Shimada

TL;DR
This paper proposes a new network architecture that combines remote attestation and backdoor inspection to enhance device security and prevent backdoors, with considerations for real-world deployment.
Contribution
It introduces an architecture integrating remote attestation with backdoor inspection, addressing a gap in existing device authentication methods.
Findings
Backdoor inspection results are stored and verified during remote attestation.
The architecture enhances security by detecting embedded backdoors.
Deployment issues and solutions are discussed.
Abstract
To keep a system secure, all devices in the system need to be benign. To keep out malicious and/or compromised devices, network access control techniques such as credential-based authentication and remote attestation based on trusted hardware have been used. These techniques ensure the authenticity and integrity of the devices, but do not mitigate the risk of a backdoor embedded in the devices by the developer. To tackle this problem, we propose a novel architecture that integrates remote attestation and backdoor inspection. Specifically, the backdoor inspection result is stored on a server, and the verifier retrieves and checks that result when remote attestation is performed. Moreover, we discuss issues in deploying the proposed architecture in the real world.
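The verifier-side check the abstract describes, sketched as an added example (not the authors' implementation): evidence is verified first, then the inspection record for that exact firmware measurement decides admission. The record schema, verdict strings, function names and the HMAC stand-in for a hardware-rooted signature are all assumptions.

```python
import hashlib
import hmac

# Constructed demo key. Real remote attestation signs with a key rooted in trusted
# hardware; an HMAC is swapped in here so the example stays standard-library only.
ATTESTATION_KEY = b"constructed-demo-key"

# Constructed firmware images and the inspection server's records (hypothetical
# schema), keyed by the SHA-256 measurement of the inspected image.
FW_CLEAN, FW_FLAGGED, FW_UNKNOWN = b"fw-1.0", b"fw-1.1-vendor", b"fw-2.0"
INSPECTION_DB = {
    hashlib.sha256(FW_CLEAN).hexdigest(): {"verdict": "no_backdoor_found"},
    hashlib.sha256(FW_FLAGGED).hexdigest(): {"verdict": "backdoor_suspected"},
}

def make_evidence(firmware, nonce, key=ATTESTATION_KEY):
    """Device side: measure the firmware and bind the measurement to the nonce."""
    measurement = hashlib.sha256(firmware).digest()
    tag = hmac.new(key, nonce + measurement, hashlib.sha256).hexdigest()
    return {"measurement": measurement.hex(), "nonce": nonce.hex(), "tag": tag}

def admit(evidence, nonce, inspection_db=INSPECTION_DB, key=ATTESTATION_KEY):
    """Verifier side: return (admitted, reason). Every failure path denies access."""
    try:
        measurement = bytes.fromhex(evidence["measurement"])
        tag = bytes.fromhex(evidence["tag"])
        fresh = evidence["nonce"] == nonce.hex()
    except (KeyError, TypeError, ValueError):
        return False, "malformed evidence"
    if not fresh:
        return False, "stale nonce"
    expected = hmac.new(key, nonce + measurement, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return False, "attestation failed"
    # Integrity is established; now ask whether this exact image passed inspection.
    record = inspection_db.get(measurement.hex())
    if record is None:
        return False, "firmware not inspected"
    if record.get("verdict") != "no_backdoor_found":
        return False, "inspection flagged firmware"
    return True, "admitted"

if __name__ == "__main__":
    nonce = b"\x01" * 16  # constructed; a real verifier draws a fresh random nonce
    for fw in (FW_CLEAN, FW_FLAGGED, FW_UNKNOWN):
        print(fw, admit(make_evidence(fw, nonce), nonce))
```

Firmware with no inspection record is denied rather than admitted, so an image the inspection server has never seen cannot pass on attestation alone.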
Taxonomy
Topics: Advanced Malware Detection Techniques · Security and Verification in Computing · Physical Unclonable Functions (PUFs) and Hardware Security
