SWATT: SoftWare-based ATTestation for Embedded Devices

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Arvind Seshadri Articles by Adrian Perrig Articles by Leendert van Doorn Articles by Pradeep Khosla

2004 IEEE Symposium on Security and Privacy

Berkeley, California

May 09-May 12

ISBN: 0-7695-2136-3

	ASCII Text	x
	Arvind Seshadri, Adrian Perrig, Leendert van Doorn, Pradeep Khosla, "SWATT: SoftWare-based ATTestation for Embedded Devices," Security and Privacy, IEEE Symposium on, pp. 272, 2004 IEEE Symposium on Security and Privacy, 2004.

	BibTex	x
	@article{ 10.1109/SECPRI.2004.1301329, author = {Arvind Seshadri and Adrian Perrig and Leendert van Doorn and Pradeep Khosla}, title = {SWATT: SoftWare-based ATTestation for Embedded Devices}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2004}, issn = {1540-7993}, pages = {272}, doi = {http://doi.ieeecomputersociety.org/10.1109/SECPRI.2004.1301329}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - SWATT: SoftWare-based ATTestation for Embedded Devices SN - 1540-7993 SP EP A1 - Arvind Seshadri, A1 - Adrian Perrig, A1 - Leendert van Doorn, A1 - Pradeep Khosla, PY - 2004 KW - null VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Arvind Seshadri, CMU/CyLab

Adrian Perrig, CMU/CyLab

Leendert van Doorn, IBM

Pradeep Khosla, CMU/CyLab

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SECPRI.2004.1301329

We expect a future where we are surrounded by embedded devices, ranging from Java-enabled cell phones to sensor networks and smart appliances. An adversary can compromise our privacy and safety by maliciously modifying the memory contents of these embedded devices. In this paper, we propose a SoftWare-based ATTestation technique (SWATT) to verify the memory contents of embedded devices and establish the absence of malicious changes to the memory contents. SWATT does not need physical access to the device's memory, yet provides memory content attestation similar to TCG or NGSCB without requiring secure hardware. SWATT can detect any change in memory contents with high probability, thus detecting viruses, unexpected configuration settings, and Trojan Horses. To circumvent SWATT, we expect that an attacker needs to change the hardware to hide memory content changes.

We present an implementation of SWATT in off-the-shelf sensor network devices, which enables us to verify the contents of the program memory even while the sensor node is running.

Citation:

Arvind Seshadri, Adrian Perrig, Leendert van Doorn, Pradeep Khosla, "SWATT: SoftWare-based ATTestation for Embedded Devices," sp, pp.272, 2004 IEEE Symposium on Security and Privacy, 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.