I1: Capability Dissemination: Edge to Root |
\( \mathrm{S}_{1} \): Crafted packet | Adversary can manipulate capability state to be different than intended | O | – |
\( \mathrm{T}_{1} \): MITM | Modify reported edge capabilities | O | – |
\( \mathrm{T}_{2} \): Replay | Replay outdated edge capability reporting | O | – |
\( \mathrm{R}_{1} \): Repudiate edge capability | Edge can claim different capability information was provided than it did previously | – | O-R |
\( \mathrm{I}_{1} \): Eavesdropping | Adversary can learn of capabilities | O | – |
\( \mathrm{D}_{1} \): Jam communications | Edge cannot be selected by IoT to submit tasks | – | J |
\( \mathrm{E}_{1} \): Inject malformed capability dissemination | Aim to encounter parsing vulnerabilities | – | IMPL-O |
I2: Capability Dissemination: Root to Edge/IoT |
\( \mathrm{S}_{1} \): Crafted packet | Adversary can manipulate capability state to be different than intended | O | – |
\( \mathrm{T}_{1} \): Modify data | Root can forward different contents than supplied by edge | – | RTTP |
\( \mathrm{T}_{2} \): MITM | Modify reported edge capabilities | O | – |
\( \mathrm{T}_{3} \): Replay | Reply outdated edge capability reporting | O | – |
\( \mathrm{R}_{1} \): Repudiate edge capability | Root can claim different capability information was provided than it did previously | – | RTTP |
\( \mathrm{I}_{1} \): Eavesdropping | Adversary can learn of capabilities | O | – |
\( \mathrm{D}_{1} \): Jam communications | Edge cannot be selected by IoT to submit tasks | – | J |
\( \mathrm{E}_{1} \): Inject malformed capability dissemination | Aim to encounter parsing vulnerabilities | – | IMPL-O |
I3: Certificate Dissemination: Root to Edge/IoT |
\( \mathrm{S}_{1} \): Crafted packet | Adversary can alter certificate for edge/IoT nodes, allowing malicious nodes to impersonate them | O | – |
\( \mathrm{T}_{1} \): MITM | Modify certificates disseminated | O | – |
\( \mathrm{T}_{2} \): Replay | Reply certificate dissemination | O | – |
\( \mathrm{R}_{1} \): Repudiate certificate | Root can claim different certificate information was provided than it did previously | – | RTTP |
\( \mathrm{I}_{1} \): Eavesdropping | Adversary can learn of identities and certificates | O | O-NA |
\( \mathrm{I}_{2} \): Eavesdropping | Adversary can learn of certificate requests and responses | O | O-NA |
\( \mathrm{D}_{1} \): Jam communications | Prevent certificate dissemination, edge/IoT potentially cannot communicate with some edge/IoT nodes | – | J |
\( \mathrm{D}_{2} \): Inject new certificate requests | Overload edge/IoT by sending certificate responses | – | VDS, D |
\( \mathrm{E}_{1} \): Inject malformed certificate requests | Aim to encounter parsing vulnerabilities | – | IMPL-O |
I4: Stereotype Dissemination: Root to Edge/IoT |
\( \mathrm{S}_{1} \): Crafted packet | Adversary can manipulate task allocation | O | – |
\( \mathrm{T}_{1} \): MITM | Modify stereotypes disseminated | O | – |
\( \mathrm{T}_{2} \): Replay | Reply stereotype dissemination | O | – |
\( \mathrm{R}_{1} \): Repudiate stereotype | Root can claim different stereotype information was provided than it did previously | – | O-R |
\( \mathrm{I}_{1} \): Eavesdropping | Adversary can learn of stereotypes and device classes | O | – |
\( \mathrm{D}_{1} \): Jam communications | Quality of task allocation may be low as the system starts | – | J |
\( \mathrm{D}_{2} \): Inject new stereotype requests | Overload edge/IoT by sending stereotypes responses | – | D |
\( \mathrm{E}_{1} \): Inject malformed stereotype requests | Aim to encounter parsing vulnerabilities | – | IMPL-O |
I5: Reputation Dissemination: IoT to Edge/IoT |
\( \mathrm{S}_{1} \): Crafted packet | Adversary can generate fake reputation packet to alter reputation of edge nodes | GO | – |
\( \mathrm{T}_{1} \): MITM | Modify reputation disseminated | O | – |
\( \mathrm{T}_{2} \): Replay | Adversary can replay reputation dissemination to alter reputation of edge nodes | GO | – |
\( \mathrm{R}_{1} \): Repudiate reputation sent | IoT can claim different reputation information was provided than it did previously | GO | – |
\( \mathrm{I}_{1} \): Eavesdropping | Adversary can learn of reputation beliefs | – | RP |
\( \mathrm{I}_{2} \): Privacy loss | Trust models contained in reputation may reveal sensitive information about interaction history | – | RP |
\( \mathrm{D}_{1} \): Jam communications | Quality of task allocation may be low as reputation information will be unavailable | – | J |
\( \mathrm{D}_{2} \): Fake signed messages | Verifying digital signatures is expensive, so an adversary may send a large number to reduce the number of valid signed messages that can be processed on an IoT device | – | VDS |
\( \mathrm{E}_{1} \): Inject malformed reputation dissemination | Aim to encounter parsing vulnerabilities | – | IMPL-O |
I6: Task Submission: IoT to Edge |
\( \mathrm{S}_{1} \): Crafted packet | Edge nodes at risk of DoS with large number of fake tasks | O | D |
\( \mathrm{T}_{1} \): MITM | Modify or add to a task submission | O | – |
\( \mathrm{T}_{2} \): Replay | Replay task submission | O | – |
\( \mathrm{R}_{1} \): Repudiate task submitted | IoT can claim different task was submitted than it did previously | – | O-R |
\( \mathrm{I}_{1} \): Eavesdropping | Adversary can learn of private information within tasks | O | – |
\( \mathrm{D}_{1} \): Jam communications | Task will not reach Edge and will not be executed | – | J |
\( \mathrm{E}_{1} \): Inject malformed task submissions | Aim to encounter parsing vulnerabilities | – | IMPL-O |
I7: Task Response: Edge to IoT |
\( \mathrm{S}_{1} \): Crafted packet | Adversary can generate malicious response different to valid response | O | – |
\( \mathrm{T}_{1} \): MITM | Modify or add to a task response | O | – |
\( \mathrm{T}_{2} \): Replay | Replay task responses | O | – |
\( \mathrm{R}_{1} \): Repudiate task response | Edge can claim different response was provided than it did previously | – | O-R |
\( \mathrm{I}_{1} \): Eavesdropping | Adversary can learn of private information within tasks | O | – |
\( \mathrm{D}_{1} \): Jam communications | Task result will not reach IoT node | – | J |
\( \mathrm{E}_{1} \): Inject malformed task responses | Aim to encounter parsing vulnerabilities | – | IMPL-O |