skip to main content
research-article

DADS: Decentralized Attestation for Device Swarms

Authors Info & Claims
Published:16 July 2019Publication History
Skip Abstract Section

Abstract

We present a novel scheme called Decentralized Attestation for Device Swarms (DADS), which is, to the best of our knowledge, the first to accomplish decentralized attestation in device swarms. Device swarms are smart, mobile, and interconnected devices that operate in large numbers and are likely to be part of emerging applications in Cyber-Physical Systems (CPS) and Industrial Internet of Things (IIoTs). Swarm devices process and exchange safety, privacy, and mission-critical information. Thus, it is important to have a good code verification technique that scales to device swarms and establishes trust among collaborating devices. DADS has several advantages over current state-of-the-art swarm attestation techniques: It is decentralized, has no single point of failure, and can handle changing topologies after nodes are compromised. DADS assures system resilience to node compromise/failure while guaranteeing only devices that execute genuine code remain part of the group. We conduct performance measurements of communication, computation, memory, and energy using the TrustLite embedded systems architecture in OMNeT++ simulation environment. We show that the proposed approach can significantly reduce communication cost and is very efficient in terms of computation, memory, and energy requirements. We also analyze security and show that DADS is very effective and robust against various attacks.

References

  1. Moreno Ambrosin, Mauro Conti, Ahmad Ibrahim, Gregory Neven, Ahmad-Reza Sadeghi, and Matthias Schunter. 2016. SANA: Secure and scalable aggregate network attestation. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. ACM, 731--742. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Frederik Armknecht, Ahmad-Reza Sadeghi, Steffen Schulz, and Christian Wachsmann. 2013. A security framework for the analysis and design of software attestation. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. ACM, 1--12. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. N. Asokan, Ferdinand Brasser, Ahmad Ibrahim, Ahmad-Reza Sadeghi, Matthias Schunter, Gene Tsudik, and Christian Wachsmann. 2015. Seda: Scalable embedded device attestation. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 964--975. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Luigi Atzori, Antonio Iera, and Giacomo Morabito. 2010. The internet of things: A survey. Comput. Netw. 54, 15 (2010), 2787--2805. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Jingwen Bai, Yan Sun, and Chris Phillips. 2016. CRRP: A cooperative relay routing protocol for IoT networks. In Proceedings of the IEEE 27th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC’16). IEEE, 1--6.Google ScholarGoogle ScholarCross RefCross Ref
  6. Ayan Banerjee, Krishna K. Venkatasubramanian, Tridib Mukherjee, and Sandeep K. S. Gupta. 2012. Ensuring safety, security, and sustainability of mission-critical cyber-physical systems. Proc. IEEE 100, 1 (2012), 283--299.Google ScholarGoogle ScholarCross RefCross Ref
  7. Mihir Bellare. 2006. New proofs for NMAC and HMAC: Security without collision-resistance. In Proceedings of the Annual International Cryptology Conference. Springer, 602--619. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Mihir Bellare, Ran Canetti, and Hugo Krawczyk. 1996. Keying hash functions for message authentication. In Proceedings of the Annual International Cryptology Conference. Springer, 1--15. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Dan Boneh. 1998. The decision diffie-hellman problem. In Proceedings of the International Algorithmic Number Theory Symposium. Springer, 48--63. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Ferdinand Brasser, Brahim El Mahjoub, Ahmad-Reza Sadeghi, Christian Wachsmann, and Patrick Koeberl. 2015. TyTAN: Tiny trust anchor for tiny devices. In Proceedings of the 52nd Annual Design Automation Conference. ACM, 34. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Ferdinand Brasser, Kasper B. Rasmussen, Ahmad-Reza Sadeghi, and Gene Tsudik. 2016. Remote attestation for low-end embedded devices: The prover’s perspective. In Proceedings of the 53rd ACM/EDAC/IEEE Design Automation Conference (DAC’16). IEEE, 1--6. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Tracy Camp, Jeff Boleng, and Vanessa Davies. 2002. A survey of mobility models for ad hoc network research. Wireless Commun. Mobile Comput. 2, 5 (2002), 483--502.Google ScholarGoogle ScholarCross RefCross Ref
  13. Xavier Carpent, Karim ElDefrawy, Norrathep Rattanavipanon, and Gene Tsudik. 2017. LIghtweight swarm attestation: A tale of Two LISA-s. In Proceedings of the ACM Asia Conference on Computer and Communications Security. ACM, 86--100. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Ray Chen, Yating Wang, and Ding-Chau Wang. 2010. Reliability of wireless sensors with code attestation for intrusion detection. Info. Process. Lett. 110, 17 (2010), 778--786. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Li Da Xu, Wu He, and Shancang Li. 2014. Internet of things in industries: A survey. IEEE Trans. Industr. Info. 10, 4 (2014), 2233--2243.Google ScholarGoogle ScholarCross RefCross Ref
  16. Whitfield Diffie and Martin Hellman. 1976. New directions in cryptography. IEEE Trans. Info. Theory 22, 6 (1976), 644--654. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Danny Dolev and Andrew Yao. 1983. On the security of public key protocols. IEEE Trans. Info. Theory 29, 2 (1983), 198--208. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. D. Eastlake III and Paul Jones. 2001. U.S. Secure Hash Algorithm 1 (SHA1). Technical Report. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Karim Eldefrawy, Gene Tsudik, Aurélien Francillon, and Daniele Perito. 2012. SMART: Secure and minimal architecture for (establishing dynamic) root of trust. In Proceedings of the Network and Distributed System Security Symposium (NDSS’12), Vol. 12. 1--15.Google ScholarGoogle Scholar
  20. Aurélien Francillon, Quan Nguyen, Kasper B. Rasmussen, and Gene Tsudik. 2014. A minimalist approach to remote attestation. In Proceedings of the Design, Automation 8 Test in Europe Conference 8 Exhibition (DATE’14). IEEE, 1--6. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Lei Gong, Yuebin Bai, Ming Chen, and Depei Qian. 2008. Link availability prediction in ad hoc networks. In Proceedings of the 14th IEEE International Conference on Parallel and Distributed Systems (ICPADS’08). IEEE, 423--428. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Gregory Hackmann, Weijun Guo, Guirong Yan, Zhuoxiong Sun, Chenyang Lu, and Shirley Dyke. 2014. Cyber-physical codesign of distributed structural health monitoring with wireless sensor networks. IEEE Trans. Parallel Distrib. Syst. 25, 1 (2014), 63--72. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Ahmad Ibrahim, Ahmad-Reza Sadeghi, Gene Tsudik, and Shaza Zeitouni. 2016. DARPA: Device attestation resilient to physical attacks. In Proceedings of the 9th ACM Conference on Security 8 Privacy in Wireless and Mobile Networks. ACM, 171--182. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. A. G. Illera and J. V. Vidal. 2014. Lights off! The darkness of the smart meters. BlackHat Europe (2014). Retrieved from https://www.blackhat.com/eu-14/briefings.html.Google ScholarGoogle Scholar
  25. Don Johnson, Alfred Menezes, and Scott Vanstone. 2001. The elliptic curve digital signature algorithm (ECDSA). Int. J. Info. Secur. 1, 1 (2001), 36--63. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. M. Kabay. 2010. Attacks on power systems: Hackers malware. Norwich University (2010). Retrieved from https://www.networkworld.com/article/2217684/attacks-on-power-systems-hackers-malware.html.Google ScholarGoogle Scholar
  27. Rick Kennell and Leah H. Jamieson. 2003. Establishing the genuinity of remote computer systems. In Proceedings of the USENIX Security Symposium. 295--308. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Patrick Koeberl, Steffen Schulz, Ahmad-Reza Sadeghi, and Vijay Varadharajan. 2014. TrustLite: A security architecture for tiny embedded devices. In Proceedings of the 9th European Conference on Computer Systems. ACM, 10. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Yanlin Li, Jonathan M. McCune, and Adrian Perrig. 2010. SBAP: Software-based attestation for peripherals. In Proceedings of the International Conference on Trust and Trustworthy Computing (TRUST’10). Springer, 16--29. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Yanlin Li, Jonathan M. McCune, and Adrian Perrig. 2011. VIPER: Verifying the integrity of PERipherals’ firmware. In Proceedings of the 18th ACM Conference on Computer and Communications Security. ACM, 3--16. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Yehuda Lindell and Jonathan Katz. 2014. Introduction to Modern Cryptography. Chapman and Hall/CRC.Google ScholarGoogle Scholar
  32. Hamid Menouar, Ismail Guvenc, Kemal Akkaya, A. Selcuk Uluagac, Abdullah Kadri, and Adem Tuncer. 2017. UAV-enabled intelligent transportation systems for the smart city: Applications and challenges. IEEE Commun. Mag. 55, 3 (2017), 22--28. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Seyed Morteza Mousavi, Hamid R. Rabiee, M. Moshref, and A. Dabirmoghaddam. 2007. Mobisim: A framework for simulation of mobility models in mobile ad hoc networks. In Proceedings of the 3rd IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMOB’07). IEEE, 82--82. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Job Noorman, Pieter Agten, Wilfried Daniels, Raoul Strackx, Anthony Van Herrewege, Christophe Huygens, Bart Preneel, Ingrid Verbauwhede, and Frank Piessens. 2013. Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In Proceedings of the USENIX Security Symposium. 479--494. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Job Noorman, Jo Van Bulck, Jan Tobias Mühlberg, Frank Piessens, Pieter Maene, Bart Preneel, Ingrid Verbauwhede, Johannes Götzfried, Tilo Müller, and Felix Freiling. 2017. Sancus 2.0: A low-cost security architecture for IoT devices. ACM Trans. Privacy Secur. 20, 3 (2017), 7. Google ScholarGoogle ScholarDigital LibraryDigital Library
  36. NS-3. {n.d.}. Network simulator tools-3 (NS-3). Retrieved from http://https://www.nsnam.org/.Google ScholarGoogle Scholar
  37. Bryan Parno, Jonathan M. McCune, and Adrian Perrig. 2010. Bootstrapping trust in commodity computers. In Proceedings of the IEEE Symposium on Security and Privacy (SP’10). IEEE, 414--429. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Jonathan Pollet and J. Cummins. 2010. Electricity for free? The dirty underbelly of scada and smart meters. In Proceedings of Black Hat USA.Google ScholarGoogle Scholar
  39. Prabhu Ramaswamy. 2016. Iot smart parking system for reducing green house gas emission. In Proceedings of the 5th International Conference On Recent Trends In Information Technology. 1--6.Google ScholarGoogle ScholarCross RefCross Ref
  40. Amit Kumar Saha and David B. Johnson. 2004. Modeling mobility for vehicular ad hoc networks. In Proceedings of the 1st ACM International Workshop on Vehicular Ad Hoc Networks. ACM, 91--92. Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. Erol Şahin. 2004. Swarm robotics: From sources of inspiration to domains of application. In Proceedings of the International Workshop on Swarm Robotics. Springer, 10--20. Google ScholarGoogle ScholarDigital LibraryDigital Library
  42. Steffen Schulz, Ahmad-Reza Sadeghi, and Christian Wachsmann. 2011. Short paper: Lightweight remote attestation using physical functions. In Proceedings of the 4th ACM Conference on Wireless Network Security. ACM, 109--114. Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. Arvind Seshadri, Mark Luk, and Adrian Perrig. 2008. SAKE: Software attestation for key establishment in sensor networks. In Proceedings of the International Conference on Distributed Computing in Sensor Systems. Springer, 372--385. Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. Arvind Seshadri, Mark Luk, Adrian Perrig, Leendert van Doorn, and Pradeep Khosla. 2006. SCUBA: Secure code update by attestation in sensor networks. In Proceedings of the 5th ACM workshop on Wireless security. ACM, 85--94. Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. Arvind Seshadri, Adrian Perrig, Leendert Van Doorn, and Pradeep Khosla. 2004. Swatt: Software-based attestation for embedded devices. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, 272--282.Google ScholarGoogle ScholarCross RefCross Ref
  46. Sean W. Smith. 2004. Outbound authentication for programmable secure coprocessors. Int. J. Info. Secur. 3, 1 (2004), 28--41. Google ScholarGoogle ScholarDigital LibraryDigital Library
  47. George Spanogiannopoulos, Natalija Vlajic, and Dusan Stevanovic. 2009. A simulation-based performance analysis of various multipath routing techniques in ZigBee sensor networks. In Proceedings of the International Conference on Ad Hoc Networks. Springer, 300--315.Google ScholarGoogle Scholar
  48. TCG. {n.d.}. Trusted Computing Group (TCG). Retrieved from http://www.trustedcomputinggroup.org/.Google ScholarGoogle Scholar
  49. Jaikumar Vijayan. 2010. Stuxnet renews power grid security concerns. Computerworld 26 (2010). Retrieved from https://www.computerworld.com/article/2519574/stuxnet-renews-power-grid-security-concerns.html.Google ScholarGoogle Scholar
  50. Xinyu Yang, Xiaofei He, Wei Yu, Jie Lin, Rui Li, Qingyu Yang, and Houbing Song. 2015. Towards a low-cost remote memory attestation for the smart grid. Sensors 15, 8 (2015), 20799--20824.Google ScholarGoogle ScholarCross RefCross Ref
  51. Michele Zorzi, Alexander Gluhak, Sebastian Lange, and Alessandro Bassi. 2010. From today’s intranet of things to a future internet of things: A wireless-and mobility-related view. IEEE Wireless Commun. 17, 6 (2010), 44--51. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. DADS: Decentralized Attestation for Device Swarms

            Recommendations

            Comments

            Login options

            Check if you have access through your login credentials or your institution to get full access on this article.

            Sign in

            Full Access

            PDF Format

            View or Download as a PDF file.

            PDF

            eReader

            View online with eReader.

            eReader

            HTML Format

            View this article in HTML Format .

            View HTML Format
            About Cookies On This Site

            We use cookies to ensure that we give you the best experience on our website.

            Learn more

            Got it!