Detecting Code Alteration by Creating a Temporary Memory Bottleneck

Author

Gardner, Ryan W. ; Garera, Sujata ; Rubin, Aviel D.

Author_Institution

Dept. of Comput. Sci., Johns Hopkins Univ., Baltimore, MD, USA

Volume

4

Issue

4

fYear

2009

Firstpage

638

Lastpage

650

Abstract

We develop a new technique whereby a poll worker can determine whether the software executing on electronic voting machines on election day has been altered from its factory version. Our generalized approach allows a human, using a known challenge-response pair, to detect attacks that involve modification or replacement of software on a computer based on the time it takes the computer to provide a correct response to a challenge. We exploit the large difference between main memory access times and cache memory access or CPU clock cycle times to significantly increase the time required to compute the right response when the software has been changed.

Keywords

cache storage; computer viruses; government data processing; politics; program diagnostics; program verification; CPU clock cycle time; attack detection; cache memory access; challenge-response pair; code alteration detection; computer security; computer virus; electronic voting machine; factory version; main memory access time; poll worker; software execution; software modification; software protection; software replacement; software validation; software verification; temporary memory bottleneck; Computer security; computer viruses; software protection; software verification and validation;

fLanguage

English

Journal_Title

Information Forensics and Security, IEEE Transactions on

Publisher

ieee

ISSN

1556-6013

Type

jour

DOI

10.1109/TIFS.2009.2033231

Filename

5272307