On Device Attestation by Harnessing Runtime Application Profiling with a Local Isolated Hardware-Based Verifier

  • Emmanouil Skordalakis

Student thesis: PhD

Abstract

The growing reliance on small-scale, resource-constrained devices in everyday applications, coupled with their need for network connectivity, mandates investment in their cyber security. While existing software and hardware security protocols for computing systems enforce secure system instantiation and continuous monitoring of incoming data, these solutions are often impractical for such devices: their cost- and energy-efficient design limits their ability to support resource-intensive security measures. Remote Attestation is a lightweight security protocol suitable for resource-limited devices and is actively explored in ongoing research. In Remote Attestation, a trusted remote component (the Verifier) detects potential compromises in a device (the Prover) by periodically verifying its system state. However, existing attestation solutions, while addressing various cyber threats, typically consider CPU Cache-based Side-channel Attacks (CCSCA) to be out of scope or orthogonal. In a CCSCA, an attacker (also known as an adversary) exploits shared cache protocols and timing information to infer sensitive data from a benign program. Unlike the threats that traditional attestation methods target, which primarily involve modifications to program or data memory, CCSCA do not alter the control-flow paths or critical data of their target program. This fundamental difference renders conventional memory-focused attestation techniques ineffective against them. Furthermore, traditional Remote Attestation schemes often rely on a remote Verifier, which is exposed to multiple attack vectors through potentially insecure network channels. This thesis directly addresses the aforementioned gaps by proposing a Profiling-based Local Attestation Framework (PLAF), a hardware-assisted attestation design aimed at the detection of CPU Cache-based Side-channel Attacks.
PLAF leverages profiling information obtained from the underlying hardware architecture: because CCSCA manipulate shared cache resources, their activity can be observed through changes in cache access patterns, hit rates, and miss rates. Additionally, PLAF reduces the attack surface of its Verifier by localising it within an integrated FPGA-based hardware module. The Verifier therefore resides directly on the attested device, making it unreachable by network-based attack vectors, unlike a remote Verifier that communicates over potentially insecure network channels. This also enables a device-specific Verifier tailored to the application requirements. PLAF builds on an Attestation Profiling Framework (APF), a foundational component of PLAF. The APF is a hardware-software co-design that reduces the noise in the profiling metrics by offloading profiling data storage and processing to dedicated hardware within an FPGA. This noise reduction improves detection of CCSCA activity through more accurate profiling results. The evaluation of the proposed attestation design demonstrates the impact that different types of CCSCA activity impose on the device by simulating various attack scenarios and collecting profiling metrics. As a proof of concept, the attestation protocol successfully detects a 'Prime and Probe' attack simulation, confirming its ability to identify deviations from expected execution behaviour. Furthermore, additional experiments on the hybrid profiling approach implemented in the APF show the benefits of reducing profiling noise. Specifically, results show that the variance in certain cache-related metrics is reduced by up to 5 times compared to an equivalent software-only profiling framework. This highlights the advantage of offloading profiling operations to dedicated hardware, which enhances the accuracy of CCSCA detection.
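The following is an added illustration, not code from the thesis, of the attestation decision the abstract describes: a local Verifier learns the expected cache miss rate of the attested program from benign profiling windows and flags later windows that deviate from it. The baseline values are constructed, the 3-sigma tolerance and the "inflate variance by 5x" model of a noisier software-only profiler are assumptions made to show why lower-variance metrics catch a milder deviation that a noisy baseline would miss.

```python
"""Profiling-based local attestation decision on constructed cache metrics."""
import math
import statistics
from dataclasses import dataclass
from typing import Sequence

# Constructed per-window L1 data-cache miss rates (misses / accesses) recorded
# while the attested program runs unmolested. Illustrative values, not
# measurements from the thesis.
HARDWARE_BASELINE = [0.052, 0.049, 0.055, 0.051, 0.048, 0.053, 0.050, 0.054]


@dataclass
class Verdict:
    passed: bool
    sigma: float  # distance from the baseline mean, in standard deviations


class LocalVerifier:
    """Models the on-device Verifier: learn expected metric behaviour from
    benign windows, then attest each new profiling window against it."""

    def __init__(self, baseline: Sequence[float], k: float = 3.0):
        if len(baseline) < 2 or statistics.pstdev(baseline) == 0:
            raise ValueError("baseline needs at least two distinct windows")
        self.mean = statistics.fmean(baseline)
        self.stdev = statistics.pstdev(baseline)
        self.k = k  # tolerance in standard deviations (assumed value)

    def attest(self, miss_rate: float) -> Verdict:
        sigma = abs(miss_rate - self.mean) / self.stdev
        return Verdict(passed=sigma <= self.k, sigma=sigma)


def inflate_variance(windows: Sequence[float], factor: float) -> list:
    """Spread samples around their mean so the variance grows by `factor`,
    modelling a software-only profiler whose variance is `factor` times that
    of the hardware-assisted one (the abstract reports up to 5x)."""
    mean = statistics.fmean(windows)
    return [mean + (x - mean) * math.sqrt(factor) for x in windows]


def compare_profilers(miss_rate: float, factor: float = 5.0) -> tuple:
    """Attest one window with the low-noise and the noisy baseline.
    Returns (passed_with_hardware_baseline, passed_with_noisy_baseline)."""
    hw = LocalVerifier(HARDWARE_BASELINE)
    sw = LocalVerifier(inflate_variance(HARDWARE_BASELINE, factor))
    return hw.attest(miss_rate).passed, sw.attest(miss_rate).passed


if __name__ == "__main__":
    for rate in (0.053, 0.063, 0.120):  # benign, mild deviation, heavy deviation
        print(rate, compare_profilers(rate))
```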
Date of Award: 6 Jun 2025
Original language: English
Awarding Institution:
  • The University of Manchester
Supervisors: Mikel Luján (Main Supervisor) & Anthony Goodacre (Co-Supervisor)

Keywords

  • attestation
  • profiling
  • sel4
  • llvm
  • cyber-security
  • security
  • counters
  • metrics
  • attacks
  • side-channel
  • cache
  • pmu
  • fpga
  • performance
