short-paper

RESERVE: Remote Attestation of Intermittent IoT devices

Authors:

Md Masoom Rabbani,

Nicola Dragoni,

Nele MentensAuthors Info & Claims

SenSys '21: Proceedings of the 19th ACM Conference on Embedded Networked Sensor Systems

Pages 578 - 580

https://doi.org/10.1145/3485730.3493364

Published: 15 November 2021 Publication History

Abstract

Internet of Things (IoT) devices have enveloped our surroundings and have been increasingly deployed in many domains. Even though the IoT has generated unprecedented opportunities, the poorly secured design of IoT devices makes them an easy target for cyber attacks. Aimed at securing IoT devices, Remote Attestation (RA) is a security technique that identifies threat presence in IoT systems. Typically, RA is an atomic procedure that requires uninterrupted connectivity to execute. However, in energy harvesting context where intermittent IoT devices go into sleep mode immediately after regular operations, the atomic property is difficult to achieve. In this paper, we propose RESERVE, a novel lightweight RA protocol designed specifically for Intermittent IoT devices. RESERVE aims to improve the security of intermittent systems by detecting malware presence during online mode and guaranteeing with some probability software legitimacy during offline mode. In particular, RESERVE ensures trustworthiness by organizing the device's software into modules, and after regular operation each device attests as many modules as fit in its energy budget.

References

[1]

2018. FBI Identifies Biggest Cyber Threats as IoT, Ransomware, Compromised Email. https://governmenttechnologyinsider.com/fbi-identifies-biggest-cyber-threats-as-iot-ransomware-compromised-email/{#}.XG05SPrPw2w

[2]

2019. PewDiePie hackers take over Google smart TV systems. https://www.bbc.com/news/technology-46746592

[3]

Ketan Devadiga. 2011. IEEE 802.15.4 and the Internet of Things. (2011).

[4]

Arbaugh et al. 1997. A secure and reliable bootstrap architecture. In SP '97.

[5]

Asokan et al. 2015. SEDA: Scalable Embedded Device Attestation. In CCS '15.

Digital Library

[6]

Ambrosin et al. 2017. Toward Secure and Efficient Attestation for Highly Dynamic Swarms: Poster. In WiSec '17.

Digital Library

[7]

Ambrosin et al. 2018. PADS: Practical Attestation for Highly Dynamic Swarm Topologies. In SIoT.

[8]

Ambrosin et al. 2020. Collective Remote Attestation at the Internet of Things Scale: State-of-the-Art and Future Challenges. IEEE Commun. Surv. Tutor. 22, 4 (2020).

[9]

Ankergård et al. 2021. State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things. Sensors 21, 5 (2021).

[10]

Conti et al. 2019. RADIS: Remote Attestation of Distributed IoT Services. In SDS 2019. 25--32.

[11]

Conti et al. 2020. Attestation-enabled secure and scalable routing protocol for IoT networks. Ad Hoc Networks 98 (2020).

[12]

Dushku et al. 2020. SARA: Secure Asynchronous Remote Attestation for IoT Systems. IEEE Trans. Inf. Forensics Secur. 15 (2020).

[13]

Eldefrawy et al. 2012. SMART: Secure and Minimal Architecture for (Establishing Dynamic) Root of Trust. In NDSS '12.

[14]

Ibrahim et al. 2017. SeED: Secure Non-Interactive Attestation for Embedded Devices. In WiSec '17.

[15]

Rabbani et al. 2019. SHeLA: Scalable Heterogeneous Layered Attestation. IEEE Internet of Things J. 6, 6 (2019).

[16]

Seshadri et al. 2004. SWATT: Software-based attestation for embedded devices. In IEEE S&P '04.

[17]

Susan Evans. 2019. Mirai Botnet DDoS Attack Type. https://www.corero.com/resources/ddos-attack-types/mirai-botnet-ddos-attack.htm.

[18]

Wired. 2010. Stuxnet Incident. https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet.

[19]

Østergaard et al. 2021. ERAMO: Effective Remote Attestation through Memory Offloading. In IEEE CSR. 73--80.

Cited By

Alotaibi B(2023)A Survey on Industrial Internet of Things Security: Requirements, Attacks, AI-Based Solutions, and Edge Computing OpportunitiesSensors10.3390/s2317747023:17(7470)Online publication date: 28-Aug-2023
https://doi.org/10.3390/s23177470
Dushku EØstergaard JDragoni N(2022)Memory Offloading for Remote Attestation of Multi-Service IoT DevicesSensors10.3390/s2212434022:12(4340)Online publication date: 8-Jun-2022
https://doi.org/10.3390/s22124340
Stricker NAlbert JRabbani MMayer SGomez A(2022)Secure Communication with Batteryless Sensors2022 11th Mediterranean Conference on Embedded Computing (MECO)10.1109/MECO55406.2022.9797104(1-4)Online publication date: 7-Jun-2022
https://doi.org/10.1109/MECO55406.2022.9797104

Index Terms

RESERVE: Remote Attestation of Intermittent IoT devices
1. Computer systems organization
  1. Embedded and cyber-physical systems
    1. Embedded systems
2. Security and privacy
  1. Network security

Recommendations

SμV - the security microvisor: a virtualisation-based security middleware for the internet of things
Middleware '17: Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference: Industrial Track

The Internet of Things (IoT) creates value by connecting digital processes to the physical world using embedded sensors, actuators and wireless networks. The IoT is increasingly intertwined with critical industrial processes, yet contemporary IoT ...
DeadBolt: Securing IoT Deployments
ANRW '18: Proceedings of the 2018 Applied Networking Research Workshop

In this paper, we introduce DeadBolt, a new security framework for managing IoT network access. DeadBolt hides all of the devices in an IoT deployment behind an access point that implements deny-by-default policies for both incoming and outgoing traffic. ...
A survey of remote attestation in Internet of Things: Attacks, countermeasures, and prospects
Abstract
The explosive growth of the Internet of Things (IoT) devices is an inevitable trend, especially considering the fact that 5G technology facilitates numerous services building on IoT devices. IoT devices deliver great convenience to our ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SenSys '21: Proceedings of the 19th ACM Conference on Embedded Networked Sensor Systems

November 2021

686 pages

ISBN:9781450390972

DOI:10.1145/3485730

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 November 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Conference

SenSys '21

Sponsor:

SenSys '21: The 19th ACM Conference on Embedded Networked Sensor Systems

November 15 - 17, 2021

Coimbra, Portugal

Acceptance Rates

SenSys '21 Paper Acceptance Rate 25 of 139 submissions, 18%;

Overall Acceptance Rate 198 of 990 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
193
Total Downloads

Downloads (Last 12 months)42
Downloads (Last 6 weeks)9

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Alotaibi B(2023)A Survey on Industrial Internet of Things Security: Requirements, Attacks, AI-Based Solutions, and Edge Computing OpportunitiesSensors10.3390/s2317747023:17(7470)Online publication date: 28-Aug-2023
https://doi.org/10.3390/s23177470
Dushku EØstergaard JDragoni N(2022)Memory Offloading for Remote Attestation of Multi-Service IoT DevicesSensors10.3390/s2212434022:12(4340)Online publication date: 8-Jun-2022
https://doi.org/10.3390/s22124340
Stricker NAlbert JRabbani MMayer SGomez A(2022)Secure Communication with Batteryless Sensors2022 11th Mediterranean Conference on Embedded Computing (MECO)10.1109/MECO55406.2022.9797104(1-4)Online publication date: 7-Jun-2022
https://doi.org/10.1109/MECO55406.2022.9797104

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten