© The Institution of Engineering and Technology
Wireless sensor networks (WSNs) have been deployed in various commercial, scientific, and military applications for surveillance and critical data collection. A serious threat to sensor nodes is the malicious code injection attack, which results in fake data delivery or private data disclosure. Memory attestation, which verifies the integrity of a device's firmware, is a promising solution for detecting an infected sensor node; in particular, low-cost software-based schemes are suitable for protecting resource-constrained sensor nodes. However, software-based attestation usually requires additional mechanisms to provide reliable integrity evidence when the sensor nodes communicate with the verifier through a multihop setting. The alternative, hardware-based attestation (e.g. a trusted platform module), ensures a reliable integrity measurement but is impractical for certain WSN applications, primarily because of its high computational overhead and high hardware cost. The authors propose a lightweight hardware-based memory attestation scheme against the malicious code injection attack. The proposed scheme employs a lightweight tamper-resistant hardware security module, which is free from any complicated cryptographic computation and is particularly suitable for low-cost sensor nodes. In addition, experimental results demonstrating the effectiveness of the proposed scheme are presented.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2016.0556