FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices
Publication Type
Journal Article
Publication Date
7-2023
Abstract
Swarm attestation, as an important branch of Remote Attestation (RA), enables a trusted party (verifier) to verify the security states of multiple devices (provers) in a large network (swarm) simultaneously via a challenge-response mechanism. However, swarm attestation suffers from significant redundancy overhead since all devices in the swarm need to be attested in each attestation round. Besides, it faces challenges such as verifier-impersonation Denial of Service (DoS) attacks, highly dynamic networks, transient and self-relocating malware, and Time-Of-Check-Time-Of-Use (TOCTOU) attacks. In this paper, considering not only the detection accuracy but also the privacy of swarm owners in real Internet of Things (IoT) scenarios, we propose an Automatic Federated Swarm Attestation scheme (FeSA). Under this scheme, we design a federated-learning-based automatic swarm attestation protocol that enables the verifiers to identify the suspicious devices by a neural network model and then attest them. To the best of our knowledge, this is the first scheme to apply a federated learning method to RA, ruling out the redundant attestation rounds while preserving data privacy. FeSA redesigns the interaction model of RA by a challenge-query mechanism to reduce the overhead of an individual device to a constant. In order to evaluate our scheme, we first set up a smart office environment with 12 types of smart IoT devices for real-world data collection over up to 21 days. Based on the real dataset, we demonstrate that FeSA can indeed identify the compromised IoT devices while reducing redundancy. We further simulate large-scale swarms of up to 1,000,000 devices to validate the efficiency of FeSA in large-scale swarms. Last, the security analysis proves the ability of FeSA to resist various attacks.
Keywords
Remote attestation, Internet of Things, federated learning
Discipline
Information Security
Research Areas
Cybersecurity
Publication
IEEE Transactions on Dependable and Secure Computing
Volume
20
Issue
4
First Page
2954
Last Page
2969
ISSN
1545-5971
Identifier
10.1109/TDSC.2022.3193106
Publisher
Institute of Electrical and Electronics Engineers
Citation
KUANG, Boyu; FU, Anmin; GAO, Yansong; ZHANG, Yuqing; ZHOU; and DENG, Robert H.
FeSA: Automatic federated swarm attestation on dynamic large-scale IoT devices. (2023). IEEE Transactions on Dependable and Secure Computing. 20, (4), 2954-2969.
Available at: https://ink.library.smu.edu.sg/sis_research/8187
Copyright Owner and License
Authors
Additional URL
https://doi.org/10.1109/TDSC.2022.3193106