DOI: 10.1145/3465481.3470064
research-article

A Threat Model Analysis of a Mobile Agent-based system on Raspberry Pi

Published: 17 August 2021

ABSTRACT

Security is considered one of the critical points in any computer system. Nowadays, a multitude of protocols and computer models are appearing along with new attacks, increasing the need to develop solutions. This work focuses on protecting the agent, as well as the information it processes, in a distributed environment across the network. Mobile agents move between various network-enabled platforms to process the information they manage. To simulate an environment based on the Internet of Things (IoT), a scheme is presented that details the steps the agent must carry out to perform the migration.

It has been proved that there is no infallible solution that guarantees the security of the whole system. However, security mechanisms that reduce and/or mitigate security threats are fundamental. This work is a study of a mobile agent-based approach in which the agent travels from host to host, and it reviews the different threats to this particular model. The study is based on the migration protocol of the agents, which is analyzed with a modeling tool, in this case the Microsoft Modeling Tool (MMT), to discover and detail each of the threats this protocol presents. Additionally, an alternative solution is proposed: a protocol that relies on hardware elements and makes use of a TPM. This makes it possible to determine which threats are mitigated or solved by implementing such hardware in conjunction with the protocol developed for this purpose.

  • Published in

    ACM Other conferences
    ARES '21: Proceedings of the 16th International Conference on Availability, Reliability and Security
    August 2021
    1447 pages
    ISBN:9781450390514
    DOI:10.1145/3465481

    Copyright © 2021 ACM

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Qualifiers

    • research-article
    • Research
    • Refereed limited

    Acceptance Rates

    Overall Acceptance Rate: 228 of 451 submissions, 51%