
Memory attestation of wireless sensor nodes through trusted remote agents

Wireless sensor networks (WSNs) have been deployed in various commercial, scientific, and military applications for surveillance and critical data collection. A serious threat to sensor nodes is the malicious code injection attack, which results in fake data delivery or private data disclosure. Memory attestation, used for verifying the integrity of a device's firmware, is a promising solution for detecting an infected sensor node; in particular, low-cost software-based schemes are suitable for protecting resource-constrained sensor nodes. However, software-based attestation usually requires additional mechanisms to provide reliable integrity evidence when the sensor nodes communicate with the verifier in a multihop setting. The alternative, hardware-based attestation (e.g. a trusted platform module), ensures a reliable integrity measurement but is impractical for certain WSN applications, primarily because of its high computational overhead and high hardware cost. The authors propose a lightweight hardware-based memory attestation scheme against the malicious code injection attack. The proposed scheme employs a lightweight tamper-resistant hardware security module, which is free from any complicated cryptographic computation and is particularly suitable for low-cost sensor nodes. In addition, experimental results demonstrating the effectiveness of the proposed scheme are presented.

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2016.0556