WISE: A Lightweight Intelligent Swarm Attestation Scheme for the Internet of Things

The Internet of Things (IoT) is shaped by the increasing number of low-cost Internet-connected embedded devices that are becoming ubiquitous in every aspect of modern life, including safety- and privacy-critical application scenarios. Such devices offer limited or no security features, creating a large new attack surface. One key component in securing these devices is software integrity checking, which typically attained with Remote Attestation (RA). RA is a security service that helps in detecting malware-infected IoT devices through remotely verifying their internal state by a trusted party. In the vast majority of IoT application domains, IoT devices operate in swarms or groups to achieve common tasks. Existing swarm attestation techniques are still rigid and not smart enough to address heterogeneity and adapt the different requirements of various IoT devices connected to a swarm, thus triggering the need for more efficient swarm attestation schemes. In this paper, we present WISE, the first intelligent swarm attestation scheme that takes into account the various characteristics, differences, and requirements of connected devices in a swarm, aiming at minimizing the communication overhead while preserving an adequate level of security. WISE depends on a resource-efficient smart broadcast authentication scheme where devices are organized in fine-grained multi-clusters, and whenever needed, the most likely compromised devices are attested. The candidate devices are selected intelligently taking into account the attestation history and diverse characteristics and constraints of each device in the swarm. We show that WISE is suitable for resource-constrained embedded devices, highly efficient and scalable in static and dynamic heterogeneous IoT networks, and offers an adjustable level of security.

Publication year:2020

Accessibility:Closed