Please use this identifier to cite or link to this item: https://ptsldigital.ukm.my/jspui/handle/123456789/513324
Title: A system architecture with a secure protocol for remote software tampering detection in embedded systems
Authors: Abdo Ali Abdullah Al-Wosabi (P72745)
Supervisor: Zarina Shukur, Prof. Dr.
Keywords: System architecture
Embedded computer systems
Issue Date: 2-May-2018
Description: Modern society's reliance on Embedded Systems (ESs) has increased rapidly, and digital machines are gaining popularity among users and system providers alike. At the same time, such devices face substantial security challenges because they usually operate in physically unprotected environments, which attracts attackers seeking unauthorized access to the system's functions. System integrity is therefore important, and there is a need for a technique or tool to verify that the original, unmodified system code is in use on those devices. The main objective of this research is to design a system architecture with secure communication for code integrity verification of an ES. The proposed architecture for ES integrity verification has two main phases: fetching the ES code at a server site, and examining the ES at a remote site using a designed user application. The integrity of the ES is verified by comparing the hash value computed at the user site with the digest value of the previously saved code; the result shows whether the system has been altered or tampered with. A hash function (SHA-2) with a random key is used to calculate a unique digest value for the targeted system. The study also uses timestamps and nonce values, two secure keys, and a public key algorithm to design a secure protocol, in order to prevent potential attacks while data and the associated values are transferred between the server and the remote user application. Because many researchers state that formal methods are very precise and accurate for presenting system specifications, this study modeled and analyzed the proposed verification protocol, together with its secrecy and authentication specifications, using the Communicating Sequential Processes (CSP) formal method approach.
The Compiler for the Analysis of Security Protocols (Casper) was used to translate the protocol description into the corresponding CSP process algebra model, and the Failures Divergences Refinement (FDR) tool was then used to evaluate the proposed protocol. These formal method tools are considered a reliable means of verification for finding potential flaws and correcting them. All the secrecy and authentication assertions defined in the developed Casper script passed when checked with FDR 4.2.0; in other words, FDR failed to trace any potential attack on the proposed protocol. Additionally, the entire framework was evaluated by five experts, who reviewed it to determine its positive features, suggested enhancements, and obstacles and weaknesses. The results of the expert evaluations indicate that the experts were satisfied and considered that the proposed framework would be useful.
"Certification on Master's/Doctoral Thesis" is not available
Pages: 210
Call Number: TK7895.E42A456 2018 3 tesis
Publisher: UKM, Bangi
Appears in Collections: Faculty of Information Science and Technology / Fakulti Teknologi dan Sains Maklumat

Files in This Item:
File: ukmvital_100137+SOURCE1+SOURCE1.0.PDF (Restricted Access)
Size: 439.84 kB
Format: Adobe PDF