FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices
Swarm attestation, as an important branch of Remote Attestation (RA), enables a trusted party (verifier) to verify the security states of multiple devices (provers) in a large network (swarm) simultaneously via a challenge-response mechanism. However, swarm attestation suffers from significant redun...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2023
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/8187 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-9190 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-91902023-09-26T09:54:03Z FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices KUANG, Boyu FU, Anmin GAO, Yansong ZHANG, Yuqing ZHOU, DENG, Robert H. DENG, Robert H. Swarm attestation, as an important branch of Remote Attestation (RA), enables a trusted party (verifier) to verify the security states of multiple devices (provers) in a large network (swarm) simultaneously via a challenge-response mechanism. However, swarm attestation suffers from significant redundancy overhead since all devices in the swarm need to be attested in each attestation round. Besides, it faces challenges such as verifier-impersonation Denial of Service (DoS) attacks, highly dynamic networks, transient & self-relocating malware, and Time-Of-Check-Time-Of-Use (TOCTOU) attacks. In this paper, considering not only the detection accuracy but also the privacy of swarm owners in real Internet of Things (IoT) scenarios, we propose an Automatic Federated Swarm Attestation scheme (FeSA). Under this scheme, we design a federated-learning-based automatic swarm attestation protocol that enables the verifiers to identify the suspicious devices by a neural network model and then attest them. To the best of our knowledge, this is the first scheme to apply a federated learning method to RA, ruling out the redundancy attestation rounds while preserving data privacy. The FeSA redesigns the interaction model of RA by a challenge-query mechanism to reduce the overhead of an individual device to a constant. In order to evaluate our scheme, we first set up a smart office environment with 12 types of smart IoT devices for real-world data collection up to 21 days. Based on the real dataset, we demonstrate that FeSA can indeed identify the compromised IoT devices while reducing redundancy. We further simulate large-scale swarms of up to 1,000,000 devices to validate the efficiency of FeSA in large-scale swarms. Last, the security analysis proves the ability of FeSA to resist various attacks. 2023-07-01T07:00:00Z text https://ink.library.smu.edu.sg/sis_research/8187 info:doi/10.1109/TDSC.2022.3193106 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Remote attestation Internet of Things federated learning Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Remote attestation Internet of Things federated learning Information Security |
| spellingShingle |
Remote attestation Internet of Things federated learning Information Security KUANG, Boyu FU, Anmin GAO, Yansong ZHANG, Yuqing ZHOU, DENG, Robert H. DENG, Robert H. FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices |
| description |
Swarm attestation, as an important branch of Remote Attestation (RA), enables a trusted party (verifier) to verify the security states of multiple devices (provers) in a large network (swarm) simultaneously via a challenge-response mechanism. However, swarm attestation suffers from significant redundancy overhead since all devices in the swarm need to be attested in each attestation round. Besides, it faces challenges such as verifier-impersonation Denial of Service (DoS) attacks, highly dynamic networks, transient & self-relocating malware, and Time-Of-Check-Time-Of-Use (TOCTOU) attacks. In this paper, considering not only the detection accuracy but also the privacy of swarm owners in real Internet of Things (IoT) scenarios, we propose an Automatic Federated Swarm Attestation scheme (FeSA). Under this scheme, we design a federated-learning-based automatic swarm attestation protocol that enables the verifiers to identify the suspicious devices by a neural network model and then attest them. To the best of our knowledge, this is the first scheme to apply a federated learning method to RA, ruling out the redundancy attestation rounds while preserving data privacy. The FeSA redesigns the interaction model of RA by a challenge-query mechanism to reduce the overhead of an individual device to a constant. In order to evaluate our scheme, we first set up a smart office environment with 12 types of smart IoT devices for real-world data collection up to 21 days. Based on the real dataset, we demonstrate that FeSA can indeed identify the compromised IoT devices while reducing redundancy. We further simulate large-scale swarms of up to 1,000,000 devices to validate the efficiency of FeSA in large-scale swarms. Last, the security analysis proves the ability of FeSA to resist various attacks. |
| format |
text |
| author |
KUANG, Boyu FU, Anmin GAO, Yansong ZHANG, Yuqing ZHOU, DENG, Robert H. DENG, Robert H. |
| author_facet |
KUANG, Boyu FU, Anmin GAO, Yansong ZHANG, Yuqing ZHOU, DENG, Robert H. DENG, Robert H. |
| author_sort |
KUANG, Boyu |
| title |
FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices |
| title_short |
FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices |
| title_full |
FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices |
| title_fullStr |
FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices |
| title_full_unstemmed |
FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices |
| title_sort |
fesa: automatic federated swarm attestation on dynamic large-scale iot devices |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2023 |
| url |
https://ink.library.smu.edu.sg/sis_research/8187 |
| _version_ |
1779157219258925056 |