Title :
Detecting Attacks on Java Cards by Fingerprinting Applets
Author :
Morana, Giovanni ; Tramontana, Emiliano ; Zito, Domenico
Author_Institution :
Dipt. di Mat. e Inf., Univ. of Catania, Catania, Italy
Abstract :
Differently from classical JVMs, generally JavaCard Virtual Machines (JCVMs) rely only on limited amount of resources typical of smart cards. Recently, several mixes of logical and physical manoeuvres have been devised to exploit typical JCVM weaknesses and to have mutant applets by means e.g. of faults injection. Such combined attacks manage to bypass the existing countermeasures of several versions of JCVMs. This paper proposes an approach for detecting mutant applets, as soon as they appear at runtime, hence revealing and thwarting an ongoing attack. The approach is completely transparent to the applet´s developer, and only a limited (a priori computable) amount of resources are used at runtime, hence it is affordable on board of smart cards. Our experiments have shown that the proposed solution has only a very limited impact on the performances of the target platform.
Keywords :
Java; operating systems (computers); security of data; virtual machines; JCVMs; JavaCard virtual machines; applet developer; attack detection; faults injection; fingerprinting Applets; mutant applets; smart cards; Arrays; Fingerprint recognition; Java; Monitoring; Runtime; Security; Smart cards; Java card; combined attacks; runtime verification;
Conference_Titel :
Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), 2013 IEEE 22nd International Workshop on
Conference_Location :
Hammamet
Print_ISBN :
978-1-4799-0405-1
DOI :
10.1109/WETICE.2013.39
