AID : Autonomous Attestation of IoT Devices

Embedded devices, personal gadgets and networks thereof are becoming increasingly pervasive, mainly due the advent of, and hype surrounding, the so-called Internet of Things (IoT). Such devices often perform critical actuation tasks, as well as collect, store and process sensitive data. Therefore, as confirmed by recent examples (such as the Mirai botnet), they also represent very attractive attack targets. To mitigate attacks, remote attestation (RA) has emerged as a distinct security service that aims at detecting malware presence on an embedded device. Most prior RA schemes focus on attesting a single device and do not scale. In recent years, schemes for collective (group or swarm) RA have been designed. However, none is applicable to autonomous and dynamic network settings. This paper presents AID – the first collective attestation schemes for large autonomous dynamic networks of embedded devices. AID verifies overall network integrity by combining continuous in-network attestation with a key exchange mechanism and Proofs-of-non-Absence. Using device absence detection AID defends against physical attacks that require disconnecting attacked devices from the network for a non-negligible time. We demonstrate feasibility of AID with proof-of-concept implementation on state-of-the-art security architectures for low-end embedded devices and on an autonomous testbed formed of six drones. We also assess its scalability and practicality via extensive simulations.

[1]  William A. Arbaugh,et al.  A secure and reliable bootstrap architecture , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[2]  Karim Eldefrawy SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust , 2012, NDSS 2012.

[3]  Sergei Skorobogatov,et al.  Semi-invasive attacks: a new approach to hardware security analysis , 2005 .

[4]  Dengguo Feng,et al.  Side-Channel Attacks: Ten Years After Its Publication and the Impacts on Cryptographic Module Security Testing , 2005, IACR Cryptol. ePrint Arch..

[5]  Ahmad-Reza Sadeghi,et al.  SEDA: Scalable Embedded Device Attestation , 2015, CCS.

[6]  Xeno Kovah,et al.  New Results for Timing-Based Attestation , 2012, 2012 IEEE Symposium on Security and Privacy.

[7]  Gregor von Laszewski,et al.  A fault detection service for wide area distributed computations , 2004, Cluster Computing.

[8]  Mauro Conti,et al.  SANA: Secure and Scalable Aggregate Network Attestation , 2016, CCS.

[9]  Frederik Armknecht,et al.  A security framework for the analysis and design of software attestation , 2013, CCS.

[10]  Roberto Di Pietro,et al.  Emergent properties: detection of the node-capture attack in mobile wireless sensor networks , 2008, WiSec '08.

[11]  Vijay Varadharajan,et al.  TrustLite: a security architecture for tiny embedded devices , 2014, EuroSys '14.

[12]  Adrian Perrig,et al.  SAKE: Software attestation for key establishment in sensor networks , 2008, Ad Hoc Networks.

[13]  Adrian Perrig,et al.  VIPER: verifying the integrity of PERipherals' firmware , 2011, CCS '11.

[14]  Charlie Kaufman,et al.  Internet Key Exchange (IKEv2) Protocol , 2005, RFC.

[15]  Ahmad-Reza Sadeghi,et al.  Extending IPsec for Efficient Remote Attestation , 2010, Financial Cryptography Workshops.

[16]  Gene Tsudik,et al.  Lightweight Swarm Attestation: A Tale of Two LISA-s , 2017, AsiaCCS.

[17]  François-Xavier Standaert,et al.  On the Energy Cost of Communication and Cryptography in Wireless Sensor Networks , 2008, 2008 IEEE International Conference on Wireless and Mobile Computing, Networking and Communications.

[18]  Roberto Di Pietro,et al.  Mobility and Cooperation to Thwart Node Capture Attacks in MANETs , 2009, EURASIP J. Wirel. Commun. Netw..

[19]  Naohiro Hayashibara,et al.  Failure detectors for large-scale distributed systems , 2002, 21st IEEE Symposium on Reliable Distributed Systems, 2002. Proceedings..

[20]  Gene Tsudik,et al.  A minimalist approach to Remote Attestation , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[21]  Sergei Skorobogatov Physical Attacks and Tamper Resistance , 2012 .