LICAPA:在高动态网络中检测物理攻击的轻量级集体认证

IF 3 3区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS
Ziyu Wang , Cong Sun
{"title":"LICAPA:在高动态网络中检测物理攻击的轻量级集体认证","authors":"Ziyu Wang ,&nbsp;Cong Sun","doi":"10.1016/j.pmcj.2024.101903","DOIUrl":null,"url":null,"abstract":"<div><p>UAVs or vehicular networks have been extensively used in different domains. Such a system network consists of various heterogeneous and mobile devices operating autonomously and cooperatively to provide flexible services. However, ensuring devices’ runtime integrity has always been critical to such highly dynamic and disruptive networks. Collective attestation is a popular technique in ensuring service integrity on remote devices. However, the physical attacks pose significant threats to the enforcement of the runtime integrity, and the existing detection approaches raise a considerable number of false positives, which impede the robustness of the network. We propose LICAPA, a collective attestation framework for detecting physical attacks with high accuracy. LICAPA can detect a device under physical attack with the timestamps signed by other recently-attested devices. Such a proof-from-others mechanism provides more knowledge about the compromised device for physical attack detection. It reduces the potential false positives compared with the state-of-the-art approaches. LICAPA provides a physical-adversary-tolerant runtime device joining mechanism and a new attestation report aggregation scheme to reduce the storage and communication cost of the device. On the prototype implementation of the trust anchor, we evaluate LICAPA’s computational costs. The simulation results demonstrate LICAPA’s low communication cost and long resistance time against false detection on physical attack. LICAPA reduces the overall swarm attestation cost by over 20% compared with SALAD (<em>Secure and Lightweight Attestation of Highly Dynamic and Disruptive Networks</em>) and PASTA (<em>Practical Attestation Protocol for Autonomous Embedded Systems</em>).</p></div>","PeriodicalId":49005,"journal":{"name":"Pervasive and Mobile Computing","volume":"99 ","pages":"Article 101903"},"PeriodicalIF":3.0000,"publicationDate":"2024-02-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1574119224000294/pdfft?md5=16eb6fb6c8f2a44387364de5b0970a87&pid=1-s2.0-S1574119224000294-main.pdf","citationCount":"0","resultStr":"{\"title\":\"LICAPA: Lightweight collective attestation for physical attacks detection in highly dynamic networks\",\"authors\":\"Ziyu Wang ,&nbsp;Cong Sun\",\"doi\":\"10.1016/j.pmcj.2024.101903\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>UAVs or vehicular networks have been extensively used in different domains. Such a system network consists of various heterogeneous and mobile devices operating autonomously and cooperatively to provide flexible services. However, ensuring devices’ runtime integrity has always been critical to such highly dynamic and disruptive networks. Collective attestation is a popular technique in ensuring service integrity on remote devices. However, the physical attacks pose significant threats to the enforcement of the runtime integrity, and the existing detection approaches raise a considerable number of false positives, which impede the robustness of the network. We propose LICAPA, a collective attestation framework for detecting physical attacks with high accuracy. LICAPA can detect a device under physical attack with the timestamps signed by other recently-attested devices. Such a proof-from-others mechanism provides more knowledge about the compromised device for physical attack detection. It reduces the potential false positives compared with the state-of-the-art approaches. LICAPA provides a physical-adversary-tolerant runtime device joining mechanism and a new attestation report aggregation scheme to reduce the storage and communication cost of the device. On the prototype implementation of the trust anchor, we evaluate LICAPA’s computational costs. The simulation results demonstrate LICAPA’s low communication cost and long resistance time against false detection on physical attack. LICAPA reduces the overall swarm attestation cost by over 20% compared with SALAD (<em>Secure and Lightweight Attestation of Highly Dynamic and Disruptive Networks</em>) and PASTA (<em>Practical Attestation Protocol for Autonomous Embedded Systems</em>).</p></div>\",\"PeriodicalId\":49005,\"journal\":{\"name\":\"Pervasive and Mobile Computing\",\"volume\":\"99 \",\"pages\":\"Article 101903\"},\"PeriodicalIF\":3.0000,\"publicationDate\":\"2024-02-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.sciencedirect.com/science/article/pii/S1574119224000294/pdfft?md5=16eb6fb6c8f2a44387364de5b0970a87&pid=1-s2.0-S1574119224000294-main.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Pervasive and Mobile Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1574119224000294\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Pervasive and Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1574119224000294","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

无人机或车载网络已广泛应用于不同领域。这种系统网络由各种异构的移动设备组成,这些设备自主运行并相互配合,以提供灵活的服务。然而,确保设备运行时的完整性一直是此类高度动态和破坏性网络的关键。集体验证是确保远程设备服务完整性的一种流行技术。然而,物理攻击对运行时完整性的执行构成了重大威胁,而现有的检测方法会产生大量误报,从而阻碍网络的稳健性。我们提出了 LICAPA,这是一种用于高精度检测物理攻击的集体认证框架。LICAPA 可以利用其他最近通过验证的设备签署的时间戳来检测受到物理攻击的设备。这种 "他人证明 "机制为物理攻击检测提供了更多关于受攻击设备的知识。与最先进的方法相比,它能减少潜在的误报。LICAPA 提供了一种物理对抗容忍运行时设备加入机制和一种新的证明报告聚合方案,以降低设备的存储和通信成本。在信任锚的原型实现上,我们评估了 LICAPA 的计算成本。仿真结果表明,LICAPA 的通信成本低、抗物理攻击误检测时间长。与 SALAD(高动态和破坏性网络的安全和轻量级认证)和 PASTA(自主嵌入式系统的实用认证协议)相比,LICAPA 可将整个蜂群认证成本降低 20% 以上。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
LICAPA: Lightweight collective attestation for physical attacks detection in highly dynamic networks

UAVs or vehicular networks have been extensively used in different domains. Such a system network consists of various heterogeneous and mobile devices operating autonomously and cooperatively to provide flexible services. However, ensuring devices’ runtime integrity has always been critical to such highly dynamic and disruptive networks. Collective attestation is a popular technique in ensuring service integrity on remote devices. However, the physical attacks pose significant threats to the enforcement of the runtime integrity, and the existing detection approaches raise a considerable number of false positives, which impede the robustness of the network. We propose LICAPA, a collective attestation framework for detecting physical attacks with high accuracy. LICAPA can detect a device under physical attack with the timestamps signed by other recently-attested devices. Such a proof-from-others mechanism provides more knowledge about the compromised device for physical attack detection. It reduces the potential false positives compared with the state-of-the-art approaches. LICAPA provides a physical-adversary-tolerant runtime device joining mechanism and a new attestation report aggregation scheme to reduce the storage and communication cost of the device. On the prototype implementation of the trust anchor, we evaluate LICAPA’s computational costs. The simulation results demonstrate LICAPA’s low communication cost and long resistance time against false detection on physical attack. LICAPA reduces the overall swarm attestation cost by over 20% compared with SALAD (Secure and Lightweight Attestation of Highly Dynamic and Disruptive Networks) and PASTA (Practical Attestation Protocol for Autonomous Embedded Systems).

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Pervasive and Mobile Computing
Pervasive and Mobile Computing COMPUTER SCIENCE, INFORMATION SYSTEMS-TELECOMMUNICATIONS
CiteScore
7.70
自引率
2.30%
发文量
80
审稿时长
68 days
期刊介绍: As envisioned by Mark Weiser as early as 1991, pervasive computing systems and services have truly become integral parts of our daily lives. Tremendous developments in a multitude of technologies ranging from personalized and embedded smart devices (e.g., smartphones, sensors, wearables, IoTs, etc.) to ubiquitous connectivity, via a variety of wireless mobile communications and cognitive networking infrastructures, to advanced computing techniques (including edge, fog and cloud) and user-friendly middleware services and platforms have significantly contributed to the unprecedented advances in pervasive and mobile computing. Cutting-edge applications and paradigms have evolved, such as cyber-physical systems and smart environments (e.g., smart city, smart energy, smart transportation, smart healthcare, etc.) that also involve human in the loop through social interactions and participatory and/or mobile crowd sensing, for example. The goal of pervasive computing systems is to improve human experience and quality of life, without explicit awareness of the underlying communications and computing technologies. The Pervasive and Mobile Computing Journal (PMC) is a high-impact, peer-reviewed technical journal that publishes high-quality scientific articles spanning theory and practice, and covering all aspects of pervasive and mobile computing and systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信