DOI: 10.1145/3465481.3470054
research-article

Bloom Filter based Collective Remote Attestation for Dynamic Networks

Published: 17 August 2021

Abstract

Internet of Things (IoT) devices are now widely used in many application scenarios. Because they are built cheaply, they often do not guarantee a high security standard, which makes them prone to attack. Remote attestation is widely used to verify the configuration integrity of remote devices. Unfortunately, checking the integrity of every single device is impractical, so several collective remote attestation protocols have recently been proposed to run attestations efficiently in large device swarms. However, current solutions still have several limitations in terms of network topology, scalability, and efficiency.
This paper presents a new, efficient collective remote attestation protocol for highly dynamic networks. Our protocol follows the self-attestation procedure, in which devices iteratively establish a common view of the integrity of the network through a consensus mechanism. Unlike previous protocols, we leverage Bloom filters, which drastically reduce the size of the messages exchanged and make the protocol more flexible with mobile nodes that can also join or leave the swarm. We evaluate our proposal through several simulations and experiments, showing that it outperforms the state of the art.
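
As an added illustration (not the paper's protocol or code), the sketch below shows the general idea the abstract describes: each device that passes a local check inserts its own ID into a fixed-size Bloom filter, and neighbours OR their filters until the swarm holds one common view. The filter size, hash count, device names, measurements and topology are assumptions constructed for the example.

```python
import hashlib
import math

M_BITS, K_HASHES = 1024, 4  # assumed filter parameters, not taken from the paper

def positions(device_id):
    """K bit indexes derived from one SHA-256 digest (double hashing)."""
    d = hashlib.sha256(device_id.encode()).digest()
    h1 = int.from_bytes(d[:8], "big")
    h2 = int.from_bytes(d[8:16], "big") | 1
    return [(h1 + i * h2) % M_BITS for i in range(K_HASHES)]

def self_attest(device_id, measured, reference):
    """Filter holding the device's own ID if its measurement matches, else empty."""
    bf = 0
    if measured == reference:
        for p in positions(device_id):
            bf |= 1 << p
    return bf

def contains(bf, device_id):
    return all((bf >> p) & 1 for p in positions(device_id))

def gossip(filters, links):
    """Neighbours exchange and OR their filters until nothing changes."""
    rounds, changed = 0, True
    while changed:
        rounds, changed = rounds + 1, False
        for a, b in links:
            merged = filters[a] | filters[b]
            if filters[a] != merged or filters[b] != merged:
                filters[a] = filters[b] = merged
                changed = True
    return rounds

def fp_rate(n_inserted):
    """Chance that an ID never inserted still tests as present."""
    return (1 - math.exp(-K_HASHES * n_inserted / M_BITS)) ** K_HASHES

def run_swarm():
    reference = "fw-digest-ok"  # constructed reference measurement
    measured = {f"dev{i}": reference for i in range(8)}
    measured["dev5"] = "fw-digest-modified"  # constructed: fails self-attestation
    filters = {d: self_attest(d, m, reference) for d, m in measured.items()}
    links = [(f"dev{i}", f"dev{i + 1}") for i in range(7)]  # constructed line topology
    gossip(filters, links)
    view = filters["dev0"]
    return filters, [d for d in measured if not contains(view, d)]

if __name__ == "__main__":
    filters, missing = run_swarm()
    print("not attested:", missing, "| message bytes:", M_BITS // 8, "| FP:", fp_rate(7))
```

The message stays at `M_BITS // 8` bytes however many devices join. The cost is that a device that failed its check can be masked by a false positive, so the filter has to be sized against `fp_rate` for the expected swarm size.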



Information

Published In

ARES '21: Proceedings of the 16th International Conference on Availability, Reliability and Security
August 2021
1447 pages
ISBN:9781450390514
DOI:10.1145/3465481

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. Bloom Filter
  2. Collective Remote Attestation
  3. Dynamic Networks

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Funding Sources

  • Sapienza University of Rome

Conference

ARES 2021

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%
