
Distributed Services Attestation in IoT

From Database to Cyber Security

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11170)

Abstract

Remote attestation has emerged as a powerful security mechanism that ascertains the legitimate operation of potentially untrusted devices. In particular, it is used to establish trust in Internet of Things (IoT) devices, which are becoming ubiquitous and increasingly interconnected, making them more vulnerable to malware attacks. A considerable number of prior works on remote attestation aim to detect the presence of malware in IoT devices by validating the correctness of the software running on a single device. However, the interoperability between IoT devices creates a need to extend existing attestation schemes towards an approach that detects the possible malicious behavior of devices caused by compromised remote services in the system.

In this paper, we discuss the impact of a compromised service in a distributed service setting. We show that, due to a malicious input received, a device of the distributed service can perform an unexpected task even though it runs genuine software. To detect devices that exhibit illegitimate behavior in the system, we propose a novel approach that ensures the integrity of distributed services in a collaborative IoT system. We discuss the effectiveness of our proposal in validating the impact of a malicious service over a set of distributed services.



Acknowledgement

Mauro Conti is supported by a Marie Curie Fellowship funded by the European Commission (agreement PCIG11-GA-2012-321980). This work is also partially supported by the EU TagItSmart! Project (agreement H2020-ICT30-2015-688061), the EU-India REACH Project (agreement ICI+/2014/342-896), by the project CNR-MOST/Taiwan 2016-17 “Verifiable Data Structure Streaming”, the grant n. 2017-166478 (3696) from Cisco University Research Program Fund and Silicon Valley Community Foundation, and by the grant “Scalable IoT Management and Key security aspects in 5G systems” from Intel. Luigi V. Mancini and Edlira Dushku are supported by the Progetto Ateneo 2017, “Protect yourself and your data when using social network”, Sapienza University of Rome.


Corresponding author

Correspondence to Edlira Dushku.


Copyright information

© 2018 Springer Nature Switzerland AG

About this chapter


Cite this chapter

Conti, M., Dushku, E., Mancini, L.V. (2018). Distributed Services Attestation in IoT. In: Samarati, P., Ray, I., Ray, I. (eds) From Database to Cyber Security. Lecture Notes in Computer Science, vol 11170. Springer, Cham. https://doi.org/10.1007/978-3-030-04834-1_14


  • DOI: https://doi.org/10.1007/978-3-030-04834-1_14


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-04833-4

  • Online ISBN: 978-3-030-04834-1

  • eBook Packages: Computer Science, Computer Science (R0)
