Exercise sheet 6
- Check slide 4 of Week 6 - video 1. Based on past lectures, conceptually design the steps necessary to deploy a rootkit.
- Explain how a TPM could be used to detect rootkits.
- Explain how LoadPin and lockdown LSMs may help prevent rootkit installation.
- Discuss how the LSM framework (see previous lecture) could be used to prevent the installation of a kernel rootkit (e.g., see the kernel_read_file and kernel_post_read_file hooks). In your opinion, would this represent a perfect solution?
- What is the threat model for a single sign-on service within TrustZone on an Android device?
- What is the Trusted Computing Base for a single sign-on service within TrustZone on an Android device?
- Compare and contrast Intel SGX and ARM TrustZone.