US-AID: Unattended Scalable Attestation of IoT Devices

机译：美国国际开发署：无人值守的物联网设备可扩展认证

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Embedded devices, personal gadgets and networks thereof are becoming increasingly pervasive, mainly due the advent of, and hype surrounding, the so-called Internet of Things (IoT). Such devices often perform critical actuation tasks, as well as collect, store and process sensitive data. Therefore, as confirmed by recent examples (such as the Mirai botnet), they also represent very attractive attack targets. To mitigate attacks, remote attestation (RA) has emerged as a distinct security service that aims at detecting malware presence on an embedded device. Most prior RA schemes focus on attesting a single devices and do not scale. In recent years, schemes for collective (group or swarm) RA have been designed. However, none is applicable to autonomous and dynamic network settings. This paper presents US-AID - the first collective attestation schemes for large autonomous dynamic networks of embedded devices. AID verifies overall network integrity by combining continuous in-network attestation with a key exchange mechanism and Proofs-of-non-Absence. Using device absence detection US-AID defends against physical attacks that require disconnecting attacked devices form the network for a non-negligible time. We demonstrate feasibility of US-AID with proof-of-concept implementation on state-of-the-art security architectures for low-end embedded devices and on an autonomous testbed formed of six drones. We also assess its scalability and practicality via extensive simulations.

机译：嵌入式设备，个人小工具及其网络正变得越来越普遍，这主要是由于所谓的物联网（IoT）的出现和大肆宣传。这样的设备通常执行关键的致动任务，以及收集，存储和处理敏感数据。因此，正如最近的示例（例如Mirai僵尸网络）所证实的那样，它们也代表了非常诱人的攻击目标。为了减轻攻击，远程证明（RA）已经成为一种独特的安全服务，旨在检测嵌入式设备上是否存在恶意软件。先前的大多数RA方案都专注于证明单个设备，并且无法扩展。近年来，已经设计了集体（群体或群体）RA的方案。但是，没有一项适用于自主和动态网络设置。本文介绍了US-AID-嵌入式设备大型自主动态网络的首个集体证明方案。 AID通过将连续的网络内证明与密钥交换机制和不存在证明相结合，来验证整个网络的完整性。使用设备缺失检测，US-AID可以防御物理攻击，这些物理攻击需要在不可忽略的时间内断开被攻击设备与网络的连接。我们在低端嵌入式设备的最新安全体系结构以及由六架无人机组成的自主测试平台上，通过概念验证实现了US-AID的可行性。我们还将通过广泛的仿真评估其可扩展性和实用性。

著录项

来源
《IEEE Symposium on Reliable Distributed Systems》|2018年|21-30|共10页
会议地点 Salvador(BR)
作者
Ahmad Ibrahim; Ahmad-Reza Sadeghi; Gene Tsudik;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Heart beat; Protocols; Security; Performance evaluation; Malware; Hardware;

机译：心跳协议；安全;绩效评估；恶意软件；硬件;

相似文献

外文文献
中文文献
专利

1. DO-RA: Data-oriented runtime attestation for IoT devices [J] . Boyu Kuang, Anmin Fu, Lu Zhou, Computers & Security . 2020,第Octa期

机译：DO-RA：IOT设备面向数据的运行时验证
2. Enhancing technology of producing secure IoT devices on the base of remote attestation [J] . Vasily Desnitsky, Igor Kotenko MATEC Web of Conferences . 2020,第1期

机译：增强遥控基础上生产安全物联网设备的技术
3. An Obfuscatable Aggregatable Signcryption Scheme for Unattended Devices in IoT Systems [J] . Yang Shi, Jingxuan Han, Xiaoping Wang, Internet of Things Journal, IEEE . 2017,第4期

机译：物联网系统中无人值守设备的可混淆的聚集签密方案
4. US-AID: Unattended Scalable Attestation of IoT Devices [C] . Ahmad Ibrahim, Ahmad-Reza Sadeghi, Gene Tsudik IEEE Symposium on Reliable Distributed Systems . 2018

机译：US-AID：无人值守可扩展的IOT设备证明
5. Secure Remote Attestation for Safety-Critical Embedded and IoT Devices [D] . Rattanavipanon, Norrathep . 2019

机译：为安全关键嵌入式和IOT设备安全远程证明
6. Pushing the Scalability of RDF Engines on IoT Edge Devices [O] . Anh Le-Tuan, Conor Hayes, Manfred Hauswirth, 2020

机译：推动IoT Edge设备上RDF引擎的可扩展性
7. Enhancing technology of producing secure IoT devices on the base of remote attestation [O] . Vasily Desnitsky, Igor Kotenko 2020

机译：增强遥控基础上生产安全物联网设备的技术
8. Basic Biotechnologies Essential for the Japanese Chemical Industry in the 1990'sand Beyond. Bioreactors, Large Scale Mammalian Cell Culture, Recombinant DNAs, Functional Protein Systems, and Bio-Electronic Devices [R] . Fujimura, R. K. 1992

机译：基本生物技术在20世纪90年代及以后对日本化学工业至关重要。生物反应器，大规模哺乳动物细胞培养，重组DNa，功能蛋白质系统和生物电子设备

US-AID: Unattended Scalable Attestation of IoT Devices

摘要

著录项

相似文献

相关主题

期刊订阅