LICAPA: Lightweight collective attestation for physical attacks detection in highly dynamic networks
Authors: Ziyu Wang, Cong Sun
Journal: Pervasive and Mobile Computing (JCR Q2, Computer Science, Information Systems; impact factor 3.0)
Publication type: Journal Article
Publication date: 2024-02-21
DOI: 10.1016/j.pmcj.2024.101903
URL: https://www.sciencedirect.com/science/article/pii/S1574119224000294
UAVs or vehicular networks have been extensively used in different domains. Such a system network consists of various heterogeneous and mobile devices operating autonomously and cooperatively to provide flexible services. However, ensuring devices’ runtime integrity has always been critical to such highly dynamic and disruptive networks. Collective attestation is a popular technique for ensuring service integrity on remote devices. However, physical attacks pose significant threats to the enforcement of runtime integrity, and the existing detection approaches raise a considerable number of false positives, which impede the robustness of the network. We propose LICAPA, a collective attestation framework for detecting physical attacks with high accuracy. LICAPA can detect a device under physical attack with the timestamps signed by other recently-attested devices. Such a proof-from-others mechanism provides more knowledge about the compromised device for physical attack detection. It reduces the potential false positives compared with the state-of-the-art approaches. LICAPA provides a physical-adversary-tolerant runtime device joining mechanism and a new attestation report aggregation scheme to reduce the storage and communication cost of the device. On the prototype implementation of the trust anchor, we evaluate LICAPA’s computational costs. The simulation results demonstrate LICAPA’s low communication cost and long resistance time against false detection of physical attacks. LICAPA reduces the overall swarm attestation cost by over 20% compared with SALAD (Secure and Lightweight Attestation of Highly Dynamic and Disruptive Networks) and PASTA (Practical Attestation Protocol for Autonomous Embedded Systems).
About the journal:
As envisioned by Mark Weiser as early as 1991, pervasive computing systems and services have truly become integral parts of our daily lives. Tremendous developments in a multitude of technologies ranging from personalized and embedded smart devices (e.g., smartphones, sensors, wearables, IoTs, etc.) to ubiquitous connectivity, via a variety of wireless mobile communications and cognitive networking infrastructures, to advanced computing techniques (including edge, fog and cloud) and user-friendly middleware services and platforms have significantly contributed to the unprecedented advances in pervasive and mobile computing. Cutting-edge applications and paradigms have evolved, such as cyber-physical systems and smart environments (e.g., smart city, smart energy, smart transportation, smart healthcare, etc.) that also involve humans in the loop through, for example, social interactions and participatory and/or mobile crowd sensing. The goal of pervasive computing systems is to improve human experience and quality of life, without explicit awareness of the underlying communications and computing technologies.
The Pervasive and Mobile Computing Journal (PMC) is a high-impact, peer-reviewed technical journal that publishes high-quality scientific articles spanning theory and practice, and covering all aspects of pervasive and mobile computing and systems.