A Software-Based Remote Attestation Scheme for Internet of Things Devices

With the rapid development of intelligent applications, many Internet of Things (IoT) devices are deployed in various application scenarios, playing an extremely important role. Remote attestation is an important method to ensure the software integrity of these devices and protect them from several...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on dependable and secure computing 2023-03, Vol.20 (2), p.1422-1434
Main Authors: Cao, Jin, Zhu, Tong, Ma, Ruhui, Guo, Zhenyang, Zhang, Yinghui, Li, Hui
Format: Article
Language:English
Subjects:
Codes
Computer program integrity
Cybersecurity
Delayed evaluation
Devices
Hardware
Internet of Things
IoT devices
Malware
proxy attack
Random access memory
Read only memory
remote attestation
Remote observing
reputation mechanism
Resists
Security
Software
Wireless networks
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With the rapid development of intelligent applications, many Internet of Things (IoT) devices are deployed in various application scenarios, playing an extremely important role. Remote attestation is an important method to ensure the software integrity of these devices and protect them from several attacks. Due to the lack of security hardware and no support of hardware extensions for Class-1 IoT devices, it is particularly important to design a suitable remote attestation scheme for these devices. In this paper, we first propose the delayed observation mechanism to alleviate the problem that the software-based remote attestation scheme is not suitable for wireless networks. At the same time, we propose a "filling memory at attestation-time" mechanism, which solves the problem that attackers hide malicious code through return-oriented programming. Finally, we introduce a reputation mechanism to assist our attestation, and adopt the principle of "making higher-performance verification nodes take on more work" to greatly reduce the time-consuming attestation. We analyze the security of the scheme and implement it on a UNO-R3 development board to prove its practicability and effectiveness. Compared with traditional software-based attestation schemes, our scheme can reduce the attestation time and resist proxy attacks.
ISSN:1545-5971
1941-0018
DOI:10.1109/TDSC.2022.3154887