Remote Audit Scheme of Embedded Device Software Based on TPM

With the wide application of embedded devices, the security problems caused by malware intrusion into embedded systems are increasing. Existing malware detection models are difficult to be deployed to a wide variety of resource-constrained embedded devices. Undetectable malware can cause devices to malfunction and potentially spread to other devices causing massive device failures. We propose a TPM-based remote auditing scheme for embedded device software, aiming at the problem that the existing malware detection models are difficult to be deployed on embedded systems. This paper analyzes the security threats faced by the existing embedded system malware detection schemes and raised the security objectives. We use Trusted Platform Module (TPM) to extract the software of IoT devices and send it to the back-end server for malware detection. We use federated learning combining adversarial learning and distributed training to improve the robustness of the model by adding adversarial samples for retraining, and effectively prevent the leakage of collected samples from becoming negative. Our scheme ensures the credibility of software extraction and the security of communication process through TPM. The scheme also solves the problem that existing malware detection models are difficult to be deployed. We finally analyze the security of the scheme, which can resist integrity destruction, forgery, replay attack and masquerade attack.