Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.760316
Title: Malware tolerance : distributing trust over multiple devices
Author: Denzel, Michael
ISNI:       0000 0004 7432 3064
Awarding Body: University of Birmingham
Current Institution: University of Birmingham
Date of Award: 2018
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
Current security solutions try to keep the adversary out of the computer infrastructure. However, with zero-day exploits and certain rootkit attacks, the assumption that attacks can be blocked does not hold any more. This work presents the concept of malware tolerance accepting that every device might be compromised at some point in time. The concept aims to distribute trust over several devices so that no single device is able to compromise security features by itself. I create three malware-tolerant techniques to demonstrate the feasibility of the concept. This thesis introduces a trusted input system which delivers keystrokes securely from the keyboard to a recipient even if one of its components is compromised. The second approach is the design of a self-healing Industrial Control System, a sensor-actuator network to securely control a physical system. If an adversary manages to compromise one of the components, it remains secure and can even recover from attacks. Lastly, this thesis proposes a mesh network architecture aimed at smart-home networks without assuming any device in the network invulnerable to attacks applying isolation mechanisms to otherwise flat mesh networks. This thesis gives formal security proofs with protocol verifier ProVerif. The proof scripts are open-source.
Supervisor: Not available Sponsor: Engineering and Physical Sciences Research Council (EPSRC)
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.760316  DOI: Not available
Keywords: QA75 Electronic computers. Computer science ; QA76 Computer software
Share: