research-article

FADIA: fairness-driven collaborative remote attestation

Authors:
Mohamad Mansouri

Thales SIX GTS, EURECOM, France

Thales SIX GTS, EURECOM, France
View Profile

,
Wafa Ben Jaballah

Thales SIX GTS, France

Thales SIX GTS, France
View Profile

,
Melek Önen

EURECOM, France

EURECOM, France
View Profile

,
Md Masoom Rabbani

KU Leuven, Belgium

KU Leuven, Belgium
View Profile

,
Mauro Conti

University of Padua, Italy

University of Padua, Italy
View Profile

WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile NetworksJune 2021Pages 60–71https://doi.org/10.1145/3448300.3468284

Published:28 June 2021Publication History

WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Pages 60–71

ABSTRACT

Internet of Things (IoT) technology promises to bring new value creation opportunities across all major industrial sectors. This will yield industries to deploy more devices into their networks. A key pillar to ensure the safety and security of the running services on these devices is remote attestation. Unfortunately,existing solutions fail to cope with the recent challenges raised by large IoT networks. In particular, the heterogeneity of the devices used in the network affects the performance of a remote attestation protocol. Another challenge in these networks is their dynamic nature: More IoT devices may be added gradually over time. This poses a problem in terms of key management in remote attestation.

We propose FADIA, the first lightweight collaborative remote attestation protocol that is designed with fairness in mind. FADIA enables fair distribution of load/tasks on the attesting devices to achieve better performance. We also leverage the Eschenauer-Gligor scheme to enable efficient addition of devices to the network. We implement our solution on heterogeneous embedded devices and evaluate it in real scenarios. The evaluation shows that FADIA can (i) increase the lifetime of a network by an order of magnitude and (ii) decrease the remote attestation runtime by a factor of 1.6.

References

T. Abera, N. Asokan, L. Davi, J. E. Ekberg, T. Nyman, A. Paverd, A. R. Sadeghi, and G. Tsudik. 2016. C-FLAT: Control-Flow Attestation for Embedded Systems Software. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). Association for Computing Machinery.Google Scholar
M. Ambrosin, M. Conti, A. Ibrahim, G. Neven, A. R. Sadeghi, and M. Schunter. 2016. SANA: Secure and Scalable Aggregate Network Attestation. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). Association for Computing Machinery.Google Scholar
M. Ambrosin, M. Conti, R. Lazzeretti, M. M. Rabbani, and S. Ranise. 2018. PADS: Practical Attestation for Highly Dynamic Swarm Topologies. In 2018 International Workshop on Secure Internet of Things (SIoT).Google Scholar
C. Andrei, Z. Jonas, F. Aurélien, and B. Davide. 2014. A Large-Scale Analysis of the Security of Embedded Firmwares. In 23rd USENIX Security Symposium (USENIX Security 14). USENIX Association.Google Scholar
N. Asokan, F. Brasser, A. Ibrahim, A. R. Sadeghi, M. Schunter, G. Tsudik, and C. Wachsmann. 2015. SEDA: Scalable Embedded Device Attestation. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS '15). Association for Computing Machinery.Google Scholar
F. Brasser, B. El Mahjoub, A. Sadeghi, C. Wachsmann, and P. Koeberl. 2015. TyTAN: Tiny trust anchor for tiny devices. In 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).Google Scholar
X. Carpent, K. ElDefrawy, N. Rattanavipanon, and G. Tsudik. 2017. Lightweight Swarm Attestation: A Tale of Two LISA-s. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (ASIA CCS '17). Association for Computing Machinery.Google Scholar
X. Carpent, G. Tsudik, and N. Rattanavipanon. 2018. ERASMUS: Efficient remote attestation via self-measurement for unattended settings. In 2018 Design, Automation Test in Europe Conference Exhibition (DATE).Google Scholar
M. Conti, R. Di Pietro, A. Gabrielli, L. V. Mancini, and A. Mei. 2010. The Smallville Effect: Social Ties Make Mobile Networks More Secure against Node Capture Attack. In Proceedings of the 8th ACM International Workshop on Mobility Management and Wireless Access (MobiWac '10). Association for Computing Machinery.Google Scholar
M. Conti, R. Di Pietro, L. Vincenzo Mancini, and A. Mei. 2008. Emergent Properties: Detection of the Node-Capture Attack in Mobile Wireless Sensor Networks. In Proceedings of the First ACM Conference on Wireless Network Security (WiSec '08). Association for Computing Machinery.Google Scholar
Moteiv Corporation. 2016. Tmote Sky Details. "http://www.snm.ethz.ch/snmwiki/pub/uploads/Projects/tmote_sky_datasheet.pdf".Google Scholar
The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC). December 28, 2016. "Mirai Botnet". Retrieved 28 December 2016..Google Scholar
K. M. El Defrawy, N. Rattanavipanon, and G. Tsudik. 2017. HYDRA: hybrid design for remote attestation (using a formally verified microkernel). Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (2017).Google ScholarDigital Library
G. Dessouky, S. Zeitouni, T. Nyman, A. Paverd, L. Davi, P. Koeberl, N. Asokan, and A. R. Sadeghi. 2017. LO-FAT: Low-Overhead Control Flow ATtestation in Hardware. In Proceedings of the 54th Annual Design Automation Conference 2017 (DAC '17). Association for Computing Machinery.Google Scholar
E. Dushku, M. M. Rabbani, M. Conti, L. V. Mancini, and S. Ranise. 2020. SARA: Secure Asynchronous Remote Attestation for IoT Systems. IEEE Transactions on Information Forensics and Security (2020).Google Scholar
K. Eldefrawy, A. Francillon, D. Perito, and G. Tsudik. 2012. SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust. In NDSS 2012, 19th Annual Network and Distributed System Security Symposium, February 5-8, San Diego, USA.Google Scholar
L. Eschenauer and V. D. Gligor. 2002. A Key-Management Scheme for Distributed Sensor Networks. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS '02). Association for Computing Machinery.Google Scholar
A. Francillon, Q. Nguyen, K. B. Rasmussen, and G. Tsudik. 2014. A minimalist approach to Remote Attestation. In 2014 Design, Automation Test in Europe Conference Exhibition (DATE).Google Scholar
W. He, M. Golla, R. Padhi, J. Ofek, M. Dürmuth, E. Fernandes, and B. Ur. 2018. Rethinking Access Control and Authentication for the Home Internet of Things (IoT). In Proceedings of the 27th USENIX Conference on Security Symposium (SEC'18). USENIX Association.Google Scholar
A. Ibrahim, A. R. Sadeghi, G. Tsudik, and S. Zeitouni. 2016. DARPA: Device Attestation Resilient to Physical Attacks. In Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks (WiSec '16). Association for Computing Machinery.Google Scholar
V. Immler, J. Obermaier, K. Kuan Ng, F. Xiang Ke, J. Lee, Y. Peng Lim, W. Koon Oh, K. Hoong Wee, and G. Sigl. 2018. Secure Physical Enclosures from Covers with Tamper-Resistance. IACR Transactions on Cryptographic Hardware and Embedded Systems (2018).Google Scholar
C. Kil, E. C. Sezer, A. M. Azab, P. Ning, and X. Zhang. 2009. Remote attestation to dynamic system properties: Towards providing complete system integrity evidence. In 2009 IEEE/IFIP International Conference on Dependable Systems Networks.Google Scholar
W. Kim and I. Jung. 2019. Smart Sensing Period for Efficient Energy Consumption in IoT Network. Sensors (2019).Google Scholar
P. Koeberl, S. Patrick, S. Schulz, A. R. Sadeghi, and V. Varadharajan. 2014. TrustLite: A Security Architecture for Tiny Embedded Devices. In Proceedings of the Ninth European Conference on Computer Systems (EuroSys '14). Association for Computing Machinery.Google Scholar
F. Kohnhäuser, N. Büscher, S. Gabmeyer, and S. Katzenbeisser. 2017. SCAPI: A Scalable Attestation Protocol to Detect Software and Physical Attacks. In Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '17). Association for Computing Machinery.Google Scholar
F. Kohnhäuser, N. Büscher, and S. Katzenbeisser. 2018. SALAD: Secure and Lightweight Attestation of Highly Dynamic and Disruptive Networks. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security (ASIACCS '18). Association for Computing Machinery.Google Scholar
F. Kohnhäuser, N. Büscher, and S. Katzenbeisser. 2019. A Practical Attestation Protocol for Autonomous Embedded Systems. In 2019 IEEE European Symposium on Security and Privacy (EuroS&P).Google Scholar
S. Mahfoudh and P. Minet. 2008. Survey of Energy Efficient Strategies in Wireless Ad Hoc and Sensor Networks. In Seventh International Conference on Networking (icn 2008).Google Scholar
IHS Markit. 2017. Number of Connected IoT Devices Will Surge to 125 Billion by 2030, IHS Markit Says. https://news.ihsmarkit.com/prviewer/release_only/slug/number-connected-iot-devices-will-surge-125-billion-2030-ihs-markit-says.Google Scholar
S. Moein, T. Aaron Gulliver, F. Gebali, and A. Alkandari. 2017. Hardware Attack Mitigation Techniques Analysis. International Journal on Cryptography and Information Security (2017).Google Scholar
J. Noorman, J. Van Bulck, J. Tobias Mühlberg, F. Piessens, P. Maene, B. Preneel, I. Verbauwhede, J. Götzfried, T. Müller, and F. Freiling. 2017. Sancus 2.0: A Low-Cost Security Architecture for IoT Devices. ACM Trans. Priv. Secur. (2017).Google Scholar
M. M. Rabbani, J. Vliegen, J. Winderickx, M. Conti, and N. Mentens. 2019. SHeLA: Scalable Heterogeneous Layered Attestation. IEEE Internet of Things Journal (2019).Google Scholar
S. Ravi, A. Raghunathan, and S. Chakradhar. 2004. Tamper resistance mechanisms for secure embedded systems. In 17th International Conference on VLSI Design. Proceedings.Google Scholar
V. Roblek, M. MeÅ¡ko, and A. KrapeÅ¾. 2016. A Complex View of Industry 4.0. SAGE Open 2 (2016).Google Scholar
S. Skorobogatov. 2011. Physical Attacks on Tamper Resistance: Progress and Lessons. 2nd ARO Special Workshop on HW Assurance, Washington DC.Google Scholar
S. Skorobogatov. 2012. Physical Attacks and Tamper Resistance. Springer New York.Google Scholar
A. Varga and R. Hornig. 2008. An Overview of the OMNeT++ Simulation Environment. In Proceedings of the 1st International Conference on Simulation Tools and Techniques for Communications, Networks and Systems & Workshops (Simutools '08). ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering).Google Scholar
S. Zeitouni, G. Dessouky, O. Arias, D. Sullivan, A. Ibrahim, Y. Jin, and A. Sadeghi. 2017. ATRIUM: Runtime attestation resilient under memory attacks. In 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).Google Scholar

Index Terms

FADIA: fairness-driven collaborative remote attestation
1. Networks
  1. Network types
    1. Ad hoc networks
      1. Mobile ad hoc networks
2. Security and privacy
  1. Network security
    1. Mobile and wireless security
    2. Security protocols
  2. Systems security
    1. Distributed systems security

Recommendations

AutoCert: Automated TOCTOU-secure digital certification for IoT with combined authentication and assurance
Abstract
The Internet of Things (IoT) network is comprised of heterogeneous devices which are part of critical infrastructures throughout the world. To enable end-to-end security, the Public Key Infrastructure (PKI) is undergoing advancements ...
Read More
Privilege-Based Remote Attestation: Towards Integrity Assurance for Lightweight Clients
IoTPTS '15: Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security

Remote attestation is used to assure the integrity of a trusted platform (prover) to a remote party (challenger). Traditionally, plain binary attestation (i.e., attesting the integrity of software by measuring their binaries) is the method of choice. ...
Read More
Analysis of existing remote attestation techniques

This paper has been written as a part of the research project that is working towards the implementation of dynamic behavioral attestation for mobile platforms. The motivation behind this paper was to analyze the existing remote attestation techniques ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks
June 2021
412 pages
ISBN:9781450383493
DOI:10.1145/3448300
General Chairs:
Christina Pöpper
New York University Abu Dhabi, AE
,
Mathy Vanhoef
New York University Abu Dhabi, AE
,
Program Chairs:
Lejla Batina
Radboud University, NL
,
René Mayrhofer
Johannes Kepler University Linz, AT
Copyright © 2021 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 28 June 2021
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
collaborative attestation
embedded systems
fairness
heterogeneous IoT networks
remote attestation
Qualifiers
- research-article
Conference

Acceptance Rates
WiSec '21 Paper Acceptance Rate34of121submissions,28%Overall Acceptance Rate98of338submissions,29%
More
Upcoming Conference
WiSec '24

Sponsor:

sigsac

17th ACM Conference on Security and Privacy in Wireless and Mobile Networks

May 27 - 30, 2024

Seoul , Republic of Korea
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 4
  Total Citations
  View Citations
- 194
  Total Downloads
- Downloads (Last 12 months)47
- Downloads (Last 6 weeks)6
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

FADIA: fairness-driven collaborative remote attestation

WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks

ABSTRACT

References

Cited By

Index Terms

Recommendations

AutoCert: Automated TOCTOU-secure digital certification for IoT with combined authentication and assurance

Privilege-Based Remote Attestation: Towards Integrity Assurance for Lightweight Clients

Analysis of existing remote attestation techniques