Το work with title Enabling malware analysis for IoT Devices using remote trusted execution environments by Sapounas Georgios is licensed under Creative Commons Attribution 4.0 International
Bibliographic Citation
Georgios Sapounas, "Enabling malware analysis for IoT Devices using remote trusted execution environments", Diploma Work, School of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece, 2023
https://doi.org/10.26233/heallink.tuc.97473
The proliferation of Internet of Things (IoT) devices has raised significant concerns regarding the privacy and security of sensitive data processed by these devices. In response to these challenges, this research presents a novel cloud-based malware detection solution that leverages Intel SGX enclaves, offering robust privacy preserving guarantees for IoT devices transmitting sensitive data to remote infrastructure for malware analysis. The proposed system consists of a lightweight client application and a centralized server side infrastructure that exploits hardware assisted encryption and remote attestation capabilities.By offloading the computationally intensive task of malware analysis to remote servers, hosted within SGX enclaves, a secure environment is established, effectively shielding the transfer and processing of user data, even in untrusted infrastructures. This solution not only addresses the inherent security and privacy concerns of data offloading but also optimizes IoT resource utilization, providing an efficientand secure framework for malware detection in IoT environments. The research outcomes contribute to the advancement of signature-based malware detection for IoT ecosystems and serve as a blueprint for enhancing other security systems that leverage user-level enclaves in the IoT domain. Furthermore, the proposed solution ensures secure communication, attestation, and data management, thereby offering a practical and scalable approach to protect private user data from malicious entities and potential inquisitive service providers. The research findings address the critical need to safeguard sensitive data in IoT environments and provide valuable insights into preserving privacy and security in the era of interconnected devices.