CRAFT: A Continuous Remote Attestation Framework for IoT

Abstract

As Internet of Things (IoT) networks keep growing with regards to the number of devices they contain, they become more attractive targets for attackers. Protecting these networks and the IoT devices they encompass is a major security challenge, and remote attestation enables checking of the integrity of devices (and thus networks). There are three categories of existing remote attestation protocols: software, hardware and hybrid attestation protocols. However, they all tackle specific issues only, such as small networks, IoT swarms, static networks, device-to-device attestation and network attestation. To provide as generic a solution as possible, which enhances security, we propose CRAFT, the first agnostic continuous remote attestation framework for IoT. CRAFT can be used in any real-world IoT network topology and can use any preexisting remote attestation protocol while remaining open to upgrades and extensions. A rigorous performance evaluation shows that CRAFT is very flexible and improves network security with little or no overhead, depending on the chosen parameters.