Distributed services attestation in IoT

Abstract

Remote attestation has emerged as a powerful security mechanism that ascertains the legitimate operation of potential untrusted devices. In particular, it is used to establish trust in Internet of Things (IoT) devices, which are becoming ubiquitous and are increasingly interconnected, making them more vulnerable to malware attacks. A considerable number of prior works in Remote attestation aim to detect the presence of malware in IoT devices by validating the correctness of the software running on a single device. However, the interoperability between IoT devices raises a need for an extension of the existing attestation schemes towards an approach that detects the possible malicious behavior of devices caused by compromised remote services in the system. In this paper, we discuss the impact of a compromised service in a distributed service setting. We show that due to a malicious input received, a device of the distributed service can perform an unexpected task, even though it runs a genuine software. To detect these devices that exhibit a non legitimate behavior in the system, we propose a novel approach that ensures the integrity of distributed services in a collaborative IoT system. We discuss the effectiveness of our proposal on validating the impact of a malicious service over a set of distributed services.