grizzly/deneir
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

writeup of the trust-ensemble project

Browse source
This commit is contained in:
Arthur Grisel-Davy 2024-05-22 12:20:50 -04:00
parent cc34bfe953
commit 7c28c31a01
2 changed files with 506 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

479
trust/trust-ensemble/overview.svg Normal file
View file

@ -0,0 +1,479 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="210.52315mm"
height="110.85905mm"
viewBox="0 0 210.52315 110.85905"
version="1.1"
id="svg1"
inkscape:version="1.3.2 (091e20ef0f, 2023-11-25, custom)"
sodipodi:docname="overview.svg"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg">
<sodipodi:namedview
id="namedview1"
pagecolor="#ffffff"
bordercolor="#000000"
borderopacity="0.25"
inkscape:showpageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
inkscape:deskcolor="#d1d1d1"
inkscape:document-units="mm"
inkscape:zoom="1.4342733"
inkscape:cx="397.06519"
inkscape:cy="242.98019"
inkscape:window-width="1920"
inkscape:window-height="1011"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="layer1"
showgrid="false" />
<defs
id="defs1">
<inkscape:path-effect
effect="fillet_chamfer"
id="path-effect37"
is_visible="true"
lpeversion="1"
nodesatellites_param="F,0,0,1,0,1.546451,0,1 @ F,0,0,1,0,0,0,1 @ F,0,0,1,0,2.251828,0,1 @ F,0,0,1,0,2.7382209,0,1 @ F,0,0,1,0,0,0,1 @ F,0,0,1,0,2.3833648,0,1"
radius="0"
unit="px"
method="auto"
mode="F"
chamfer_steps="1"
flexible="false"
use_knot_distance="true"
apply_no_radius="true"
apply_with_radius="true"
only_selected="false"
hide_knots="false" />
</defs>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1">
<rect
style="fill:#adadff;fill-opacity:1;stroke:none;stroke-width:1"
id="rect17"
width="48.279072"
height="105.59296"
x="93.79908"
y="2.2323999"
ry="4.7566404" />
<rect
style="fill:#ffccaa;fill-opacity:1;stroke:none;stroke-width:1"
id="rect16"
width="48.279072"
height="105.59296"
x="43.361824"
y="2.2323999"
ry="4.7566404" />
<rect
style="fill:#b4ed90;fill-opacity:1;stroke:none;stroke-width:1"
id="rect33"
width="61.695087"
height="105.59296"
x="145.54637"
y="2.2323999"
ry="4.7566404" />
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="m 80.93766,28.40365 27.36748,8.059854"
id="path38" />
<rect
style="fill:none;stroke:#999999;stroke-width:1;stroke-dasharray:none"
id="rect1"
width="34.623817"
height="38.216698"
x="2.0703497"
y="36.243713" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:6.66961px;font-family:Fuji;-inkscape-font-specification:Fuji;white-space:pre;inline-size:27.2924;display:inline;fill:#000000;stroke:none;stroke-width:2.10067;stroke-dasharray:none"
x="7.0553489"
y="37.770218"
id="text1"
transform="matrix(1.1570413,0,0,1.1570413,-4.2328904,3.9133597)"><tspan
x="7.0553489"
y="37.770218"
id="tspan7">Device </tspan><tspan
x="7.0553489"
y="46.107229"
id="tspan8">Under </tspan><tspan
x="7.0553489"
y="54.444242"
id="tspan9">Operation</tspan></text>
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="m 80.93766,28.40365 27.36748,40.22114"
id="path39" />
<g
id="g26"
transform="translate(-13.341713)">
<rect
style="fill:none;stroke:#ffffff;stroke-width:1"
id="rect2"
width="28.685154"
height="12.401421"
x="65.594223"
y="22.20294"
ry="1.5852821"
rx="1.5852821" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.45762px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.71894"
x="76.842331"
y="30.300173"
id="text2"><tspan
sodipodi:role="line"
id="tspan2"
style="fill:#000000;stroke:none;stroke-width:1.71894"
x="76.842331"
y="30.300173">S 1</tspan></text>
</g>
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:6.22431px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.96041"
x="105.68919"
y="8.7999907"
id="text15"><tspan
sodipodi:role="line"
id="tspan15"
style="stroke-width:1.96041"
x="105.68919"
y="8.7999907">Indicators</tspan></text>
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:6.22431px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.96041"
x="55.370193"
y="8.7999907"
id="text16"><tspan
sodipodi:role="line"
id="tspan16"
style="stroke-width:1.96041"
x="55.370193"
y="8.7999907">Sensors</tspan></text>
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="m 80.93766,45.076969 27.36748,7.46718"
id="path40" />
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="m 80.93766,45.076969 27.36748,-8.613465"
id="path41" />
<g
id="g25"
transform="translate(-13.341713,0.72023058)">
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.45762px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.71894"
x="76.24472"
y="46.280552"
id="text4"><tspan
sodipodi:role="line"
id="tspan4"
style="fill:#000000;stroke:none;stroke-width:1.71894"
x="76.24472"
y="46.280552">S 2</tspan></text>
<rect
style="fill:none;stroke:#ffffff;stroke-width:1"
id="rect20"
width="28.685154"
height="12.401421"
x="65.594223"
y="38.156029"
ry="1.5852821"
rx="1.5852821" />
</g>
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="m 80.93766,61.750288 27.36748,6.874502"
id="path42" />
<g
id="g24"
transform="translate(-13.341713,0.1278944)">
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.45762px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.71894"
x="76.217438"
y="63.532562"
id="text5"><tspan
sodipodi:role="line"
id="tspan5"
style="fill:#000000;stroke:none;stroke-width:1.71894"
x="76.217438"
y="63.532562">S 3</tspan></text>
<rect
style="fill:none;stroke:#ffffff;stroke-width:1"
id="rect21"
width="28.685154"
height="12.401421"
x="65.594223"
y="55.421684"
ry="1.5852821"
rx="1.5852821" />
</g>
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="M 80.93766,78.423608 108.30514,68.62479"
id="path44" />
<g
id="g23"
transform="translate(-13.341713,0.41196203)">
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.45762px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.71894"
x="76.094635"
y="79.921814"
id="text6"><tspan
sodipodi:role="line"
id="tspan6"
style="fill:#000000;stroke:none;stroke-width:1.71894"
x="76.094635"
y="79.921814">S 4</tspan></text>
<rect
style="fill:none;stroke:#ffffff;stroke-width:1"
id="rect22"
width="28.685154"
height="12.401421"
x="65.594223"
y="71.810936"
ry="1.5852821"
rx="1.5852821" />
</g>
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="M 80.93766,95.096927 108.30514,84.705432"
id="path45" />
<g
id="g22"
transform="translate(-13.341713)">
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.45762px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.71894"
x="76.24472"
y="96.993454"
id="text3"><tspan
sodipodi:role="line"
id="tspan3"
style="fill:#000000;stroke:none;stroke-width:1.71894"
x="76.24472"
y="96.993454">S 5</tspan></text>
<rect
style="fill:none;stroke:#ffffff;stroke-width:1"
id="rect19"
width="28.685154"
height="12.401421"
x="65.594223"
y="88.896217"
ry="1.5852821"
rx="1.5852821" />
</g>
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="M 129.17908,36.463504 150.60102,61.85759"
id="path46" />
<g
id="g29"
transform="translate(-13.341713,8.0598541)">
<rect
style="fill:none;stroke:#ffffff;stroke-width:1"
id="rect18"
width="20.873951"
height="12.401423"
x="121.64685"
y="22.20294"
ry="6.2007103"
rx="6.2007103" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.45762px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.71894"
x="129.83257"
y="30.313818"
id="text26"><tspan
sodipodi:role="line"
id="tspan26"
style="fill:#000000;stroke:none;stroke-width:1.71894"
x="129.83257"
y="30.313818">I 1</tspan></text>
</g>
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="m 129.17908,52.544149 21.42194,9.313441"
id="path47" />
<g
id="g30"
transform="translate(-13.341713,7.7823259)">
<rect
style="fill:none;stroke:#ffffff;stroke-width:1"
id="rect27"
width="20.873951"
height="12.401423"
x="121.64685"
y="38.561111"
ry="6.2007103"
rx="6.2007103" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.45762px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.71894"
x="129.83257"
y="46.671989"
id="text28"><tspan
sodipodi:role="line"
id="tspan28"
style="fill:#000000;stroke:none;stroke-width:1.71894"
x="129.83257"
y="46.671989">I 2</tspan></text>
</g>
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="m 129.17908,68.62479 21.42194,-6.7672"
id="path48" />
<g
id="g31"
transform="translate(-13.341713,8.6120232)">
<rect
style="fill:none;stroke:#ffffff;stroke-width:1"
id="rect28"
width="20.873951"
height="12.401423"
x="121.64685"
y="53.812057"
ry="6.2007103"
rx="6.2007103" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.45762px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.71894"
x="129.83257"
y="61.922935"
id="text29"><tspan
sodipodi:role="line"
id="tspan29"
style="fill:#000000;stroke:none;stroke-width:1.71894"
x="129.83257"
y="61.922935">I 3</tspan></text>
</g>
<path
style="fill:#ffffff;fill-opacity:1;stroke:#999999;stroke-width:1;stroke-linecap:round"
d="M 129.17908,84.705432 150.60102,61.85759"
id="path49" />
<g
id="g32"
transform="translate(-13.341713,8.0598541)">
<rect
style="fill:none;stroke:#ffffff;stroke-width:1"
id="rect26"
width="20.873951"
height="12.401423"
x="121.64685"
y="70.44487"
ry="6.2007103"
rx="6.2007103" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:5.45762px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.71894"
x="129.83257"
y="78.555748"
id="text27"><tspan
sodipodi:role="line"
id="tspan27"
style="fill:#000000;stroke:none;stroke-width:1.71894"
x="129.83257"
y="78.555748">I 4</tspan></text>
</g>
<path
d="M 232.62191,33.217302 V 48.107538 62.29214 a 1.3936895,1.3936895 31.753975 0 0 2.01538,1.247347 l 16.62514,-8.286112 a 4.4242298,4.4242298 121.75397 0 0 2.4507,-3.959669 l 0,-3.186168 v -3.541281 a 3.8508776,3.8508776 58.246025 0 0 -2.1331,-3.446521 l -17.57405,-8.759054 a 0.95712128,0.95712128 148.24603 0 0 -1.38407,0.85662 z"
style="fill:#ffffff;stroke:#ffffff"
id="path37"
inkscape:path-effect="#path-effect37"
inkscape:original-d="m 232.62191,31.670851 v 16.436687 16.43643 l 21.09122,-10.512041 v -5.924389 -5.924646 z"
transform="translate(-82.021023,13.749894)"
sodipodi:nodetypes="ccccccc" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:6.22431px;font-family:Fuji;-inkscape-font-specification:Fuji;fill:#000000;stroke:none;stroke-width:1.96041"
x="155.30286"
y="8.7999907"
id="text37"><tspan
sodipodi:role="line"
id="tspan37"
style="stroke-width:1.96041"
x="155.30286"
y="8.7999907">Trust Framework</tspan></text>
<g
id="path50">
<path
style="color:#000000;fill:#999999;stroke-linecap:round;-inkscape-stroke:none"
d="m 26.550781,27.904297 v 13.34375 a 0.5,0.5 0 0 0 0.5,0.5 0.5,0.5 0 0 0 0.5,-0.5 v -12.34375 h 24.701172 a 0.5,0.5 0 0 0 0.5,-0.5 0.5,0.5 0 0 0 -0.5,-0.5 z"
id="path57" />
<g
id="g56">
<path
style="color:#000000;fill:#999999;fill-rule:evenodd;-inkscape-stroke:none"
d="m 27.050781,38.548828 c -1.485477,0 -2.699219,1.213742 -2.699219,2.699219 0,1.485477 1.213742,2.701172 2.699219,2.701172 1.485477,0 2.701172,-1.215695 2.701172,-2.701172 0,-1.463888 -1.209173,-2.699219 -2.701172,-2.699219 z m 0,0.900391 c 0.991999,0 1.800781,0.832718 1.800781,1.798828 0,0.998521 -0.80226,1.800781 -1.800781,1.800781 -0.99852,0 -1.798828,-0.80226 -1.798828,-1.800781 0,-0.998521 0.800308,-1.798828 1.798828,-1.798828 z"
id="path56" />
</g>
</g>
<g
id="path51">
<path
style="color:#000000;fill:#999999;stroke-linecap:round;-inkscape-stroke:none"
d="m 33.568359,44.576172 a 0.5,0.5 0 0 0 -0.5,0.5 0.5,0.5 0 0 0 0.5,0.5 h 18.683594 a 0.5,0.5 0 0 0 0.5,-0.5 0.5,0.5 0 0 0 -0.5,-0.5 z"
id="path59" />
<g
id="g58">
<path
style="color:#000000;fill:#999999;fill-rule:evenodd;-inkscape-stroke:none"
d="m 33.568359,42.376953 c -1.485476,0 -2.701172,1.213742 -2.701172,2.699219 0,1.485477 1.215696,2.701172 2.701172,2.701172 1.463888,0 2.699219,-1.209174 2.699219,-2.701172 0,-1.485477 -1.213742,-2.699219 -2.699219,-2.699219 z m 0,0.900391 c 0.998521,0 1.798828,0.800307 1.798828,1.798828 0,0.991999 -0.832717,1.800781 -1.798828,1.800781 -0.99852,0 -1.800781,-0.80226 -1.800781,-1.800781 0,-0.998521 0.802261,-1.798828 1.800781,-1.798828 z"
id="path58" />
</g>
</g>
<g
id="path52">
<path
style="color:#000000;fill:#999999;stroke-linecap:round;-inkscape-stroke:none"
d="m 27.441406,56.386719 a 0.5,0.5 0 0 0 -0.5,0.5 V 62.25 h 25.310547 a 0.5,0.5 0 0 0 0.5,-0.5 0.5,0.5 0 0 0 -0.5,-0.5 H 27.941406 v -4.363281 a 0.5,0.5 0 0 0 -0.5,-0.5 z"
id="path61" />
<g
id="g60">
<path
style="color:#000000;fill:#999999;fill-rule:evenodd;-inkscape-stroke:none"
d="m 27.441406,54.1875 c -1.485477,0 -2.701172,1.213742 -2.701172,2.699219 0,1.463887 1.209174,2.701172 2.701172,2.701172 1.485477,0 2.699219,-1.215695 2.699219,-2.701172 0,-1.485477 -1.213742,-2.699219 -2.699219,-2.699219 z m 0,0.900391 c 0.998521,0 1.798828,0.800307 1.798828,1.798828 0,0.99852 -0.800307,1.800781 -1.798828,1.800781 -0.991999,0 -1.800781,-0.834671 -1.800781,-1.800781 0,-0.998521 0.802261,-1.798828 1.800781,-1.798828 z"
id="path60" />
</g>
</g>
<g
id="path53">
<path
style="color:#000000;fill:#999999;stroke-linecap:round;-inkscape-stroke:none"
d="m 20.044922,73.960937 a 0.5,0.5 0 0 0 -0.5,0.5 v 4.462891 h 32.707031 a 0.5,0.5 0 0 0 0.5,-0.5 0.5,0.5 0 0 0 -0.5,-0.5 H 20.544922 v -3.462891 a 0.5,0.5 0 0 0 -0.5,-0.5 z"
id="path63" />
<g
id="g62">
<path
style="color:#000000;fill:#999999;fill-rule:evenodd;-inkscape-stroke:none"
d="m 20.044922,71.759766 c -1.485477,0 -2.699219,1.215695 -2.699219,2.701171 0,1.463888 1.20722,2.699219 2.699219,2.699219 1.485477,0 2.699219,-1.213742 2.699219,-2.699219 0,-1.485476 -1.213742,-2.701171 -2.699219,-2.701171 z m 0,0.90039 c 0.998521,0 1.800781,0.802261 1.800781,1.800781 0,0.998521 -0.80226,1.798829 -1.800781,1.798829 -0.991999,0 -1.800781,-0.832718 -1.800781,-1.798829 0,-0.99852 0.80226,-1.800781 1.800781,-1.800781 z"
id="path62" />
</g>
</g>
<g
id="path54">
<path
style="color:#000000;fill:#999999;stroke-linecap:round;-inkscape-stroke:none"
d="m 8.2558594,70.890625 a 0.5,0.5 0 0 0 -0.5,0.5 V 95.597656 H 52.251953 a 0.5,0.5 0 0 0 0.5,-0.5 0.5,0.5 0 0 0 -0.5,-0.5 H 8.7558594 V 71.390625 a 0.5,0.5 0 0 0 -0.5,-0.5 z"
id="path65" />
<g
id="g64">
<path
style="color:#000000;fill:#999999;fill-rule:evenodd;-inkscape-stroke:none"
d="m 8.2558594,68.691406 c -1.4854768,0 -2.7011719,1.213742 -2.7011719,2.699219 0,1.463887 1.2091734,2.699219 2.7011719,2.699219 1.4854767,0 2.6992186,-1.213742 2.6992186,-2.699219 0,-1.485477 -1.2137419,-2.699219 -2.6992186,-2.699219 z m 0,0.898438 c 0.9985207,0 1.7988286,0.80226 1.7988286,1.800781 0,0.998521 -0.8003079,1.800781 -1.7988286,1.800781 -0.991999,0 -1.8007813,-0.834671 -1.8007813,-1.800781 0,-0.998521 0.8022605,-1.800781 1.8007813,-1.800781 z"
id="path64" />
</g>
</g>
</g>
</svg>
Side by side

After

Width:  |  Height:  |  Size: 19 KiB

27
trust/trust-ensemble/writeup.typ Normal file
View file

@ -0,0 +1,27 @@
#align(center)[#text(weight: "bold", size:2em)[Computing Trust from a Committee of Sensors]]
#v(3em)
#figure(
caption: "Overview of the data pipeline from the device under operation to the trust framework",
image("overview.svg", width:100%),
)<fig:overview>
Expanding on the previus work , the idea is to leverage the information comming from more than one sensor.
The sensors can be of different types (side-channel, host-based, network-based, user-feedback, log-based, etc.), but they should all report a binary or ternary values.
= Sensors
#grid(
columns: 3,
inset: 10pt,
fill: (x, y) =>
if calc.even(y) { luma(230) }
else { white },
align: (left, right, right),
[*Sensor*], [*Indicators*], [*Output*],
[MAD + Policy], [High Consumption,Boots, Reboots, etc.], [Ternary],
[BPV], [Boots, Abnormal Boot], [Binary],
[File Scanner (ClamAV)], [Malware], [Binary/Ternary],
[Log Scanner ], [Abnormal Activity, Malware, Abnormal Boots], [Binary]
)