Skip to main content
SpringerLink
Log in

Remote Software-Based Attestation for Wireless Sensors

  • Conference paper
Security and Privacy in Ad-hoc and Sensor Networks (ESAS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 3813))

Included in the following conference series:

Abstract

Wireless sensor networks are envisioned to be deployed in mission-critical applications. Detecting a compromised sensor, whose memory contents have been tampered, is crucial in these settings, as the attacker can reprogram the sensor to act on his behalf. In the case of sensors, the task of verifying the integrity of memory contents is difficult as physical access to the sensors is often infeasible. In this paper, we propose a software-based approach to verify the integrity of the memory contents of the sensors over the network without requiring physical contact with the sensor. We describe the building blocks that can be used to build a program for attestation purposes, and build our attestation program based on these primitives. The success of our approach is not dependent on accurate measurements of the execution time of the attestation program. Further, we do not require any additional hardware support for performing remote attestation. Our attestation procedure is designed to detect even small memory changes and is designed to be resistant against modifications by the attacker.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Atmel AVR 8-bit RISC processor, http://www.atmel.com/atmel/products/prod23.htm

  2. Mica2 series, http://www.xbow.com/Products/Product_pdf_files/Wireless_pdf/MICA2_Datasheet.pdf

  3. TI MSP-430 processor, http://focus.ti.com/mcu/docs/techdocs.tsp?navSection=user_guides&templateId=5246&familyId=342

  4. Aucsmith, D.: Tamper resistant software. In: Proceedings of the First Information Hiding Workshop (1996)

    Google Scholar 

  5. Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  6. Chang, H., Atallah, M.J.: Protecting software code by guards. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, pp. 160–175. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  7. Cohen, F.: Operating system protection through program evolution. Computers and Security (1993)

    Google Scholar 

  8. Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Technical report, Technical Report 148, Department of Computer Science, University of Auckland (July 1997)

    Google Scholar 

  9. Collberg, C., Thomborson, C., Low, D.: Manufacturing cheap, resilient, and stealthy opaque constructs. In: Principles of Programming Languages 1998, POPL 1998, San Diego, CA (January 1998)

    Google Scholar 

  10. Collberg, C.S., Thomborson, C.: Watermarking, tamper-proofing, and obfuscation - tools for software protection. IEEE Transactions on Software Engineering 28, 735–746 (2002)

    Article  Google Scholar 

  11. Wurster, A.S.G., van Oorschot, P.C.: A generic attack on checksumming-based software tamper resistance. In: Proceedings of the IEEE Symposium on Security and Privacy (May 2005)

    Google Scholar 

  12. Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Controlled Physical Random Functions. In: Proceedings of the 18th Annual Computer Security Conference (December 2002)

    Google Scholar 

  13. Gassend, B.L.P.: Physical random functions. Master’s thesis, Massachusetts Institute of Technology (February 2003)

    Google Scholar 

  14. Hada, S.: Zero-knowledge and code obfuscation. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 443–457. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  15. Hill, J., Szewczyk, R., Woo, A., Hollar, S., Culler, D., Pister, K.: System architecture directions for network sensors. In: ASPLOS-IX: Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, Cambridge (November 2000)

    Google Scholar 

  16. Horne, B., Matheson, L.R., Sheehan, C., Tarjan, R.E.: Dynamic self-checking techniques for improved tamper resistance. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, pp. 141–159. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  17. Horwitz, S.: Precise flow-insensitive may-alias analysis is np-hard. ACM Trans. Program. Lang. Syst. 19(1), 1–6 (1997), doi:10.1145/239912.239913

    Article  Google Scholar 

  18. Jeong, J., Culler, D.: Incremental network programming for wireless sensors. In: The First IEEE International Conference on Sensor and Ad hoc Communications and Networks (October 2004)

    Google Scholar 

  19. Jr., N.L.P., Fraser, T., Molina, J., Arbaugh, W.A.: Copilot - a coprocessor-based kernel runtime integrity monitor. In: USENIX Security Symposium, pp. 179–194 (2004)

    Google Scholar 

  20. Kennell, R., Jamieson, L.H.: Establishing the genuinity of remote computer systems. In: 12th USENIX Security Symposium, August 2003, pp. 295–310. USENIX Association (2003)

    Google Scholar 

  21. Kennell, R., Jamieson, L.H.: An analysis of proposed attacks against genuinity tests. Technical report, Purdue University, 09, CERIAS TR 2004-27 (2004)

    Google Scholar 

  22. Kruegel, C., Robertson, W., Valeur, F., Vigna, G.: Static disassembly of obfuscated binaries. In: Proceedings of USENIX Security 2004, San Diego, CA, August 2004, pp. 255–270 (2004)

    Google Scholar 

  23. Kuennen, T.: Small science will bring big changes to roads, http://www.betterroads.com/articles/jul04a.htm

  24. Landi, W., Ryder, B.G.: Pointer-induced aliasing: a problem taxonomy. In: POPL 1991: Proceedings of the 18th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, Orlando, Florida, United States, pp. 93–103. ACM Press, New York (1991)

    Chapter  Google Scholar 

  25. Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architectural support for copy and tamper resistant software. In: ASPLOS-IX: Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, pp. 168–177. ACM Press, New York (2000)

    Google Scholar 

  26. Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: CCS 2003: Proceedings of the 10th ACM conference on Computer and communications security, pp. 290–299. ACM Press, New York (2003)

    Chapter  Google Scholar 

  27. Lynn, B.Y.S., Prabhakaran, M., Sahai, A.: Positive results and techniques for obfuscation. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 20–39. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  28. Ogiso, T., Sakabe, Y., Soshi, M., Miyaji, A.: Software tamper resistance based on the difficulty of interprocedural analysis (August 2002)

    Google Scholar 

  29. Ogiso, T., Sakabe, Y., Soshi, M., Miyaji, A.: Software obfuscation on a theoretical basis and its implementation. In: IEICE Transactions on Fundamentals, January 2003, vol. E86-A, pp. 176–186 (2003)

    Google Scholar 

  30. Ramalingam, G.: The undecidability of aliasing. ACM Trans. Program. Lang. Syst. 16(5), 1467–1471 (1994), doi:10.1145/186025.186041

    Article  Google Scholar 

  31. Sailer, R., Jaeger, T., Zhang, X., van Doorn, L.: Attestation-based policy enforcement for remote access. In: CCS 2004: Proceedings of the 11th ACM conference on Computer and communications security, pp. 308–317. ACM Press, New York (2004)

    Chapter  Google Scholar 

  32. Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: SWATT: Software-based Attestation for Embedded Devicesi. In: Proceedings of the IEEE Symposium on Security and Privacy (May 2004)

    Google Scholar 

  33. Shankar, U., Chew, M., Tygar, J.: Side effects are not sufficient to authenticate software. In: 13th USENIX Security Symposium, August 2004, USENIX Association (2004)

    Google Scholar 

  34. Shi, E., Perrig, A., Doorn, L.V.: Bind: A time-of-use attestation service for secure distributed systems. In: Proceedings of the IEEE Symposium on Security and Privacy (May 2005)

    Google Scholar 

  35. Suh, G.E., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: AEGIS: architecture for tamper-evident and tamper-resistant processing. In: ICS 2003: Proceedings of the 17th annual international conference on Supercomputing, pp. 160–171. ACM Press, New York (2003)

    Chapter  Google Scholar 

  36. Varnovsky, N.P., Zakharov, V.A.: On the possibility of provably secure obfuscating programs. In: Ershov Memorial Conference, pp. 91–102 (2003)

    Google Scholar 

  37. Wang, C., Hill, J., Knight, J., Davidson, J.: Software tamper resistance: Obstructing static analysis of programs. Technical report, University of Virginia, Charlottesville, VA, USA (2000)

    Google Scholar 

  38. Wroblewski, G.: General Method of Program Code Obfuscation. PhD thesis, Wroclaw University of Technology, Institute of Engineering Cybernetics (2002)

    Google Scholar 

  39. Yang, J., Zhang, Y., Gao, L.: Fast secure processor for inhibiting software piracy and tampering. In: MICRO 36: Proceedings of the 36th Annual IEEE/ACM International Symposium on Microarchitecture, Washington, DC, USA, p. 351. IEEE Computer Society Press, Los Alamitos (2003)

    Google Scholar 

  40. Zhuang, X., Zhang, T., Pande, S.: HIDE: an infrastructure for efficiently protecting information leakage on the address bus. In: ASPLOS-XI: Proceedings of the 11th international conference on Architectural support for programming languages and operating systems, Boston, MA, USA, pp. 72–84. ACM Press, New York (2004)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science and Engineering, University of Minnesota, Twin Cities

    Mark Shaneck, Karthikeyan Mahadevan, Vishal Kher & Yongdae Kim

Authors
  1. Mark Shaneck
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Karthikeyan Mahadevan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Vishal Kher
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yongdae Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institut Eurecom, 2229 Route des Cretes, 06904, Sophia-Antipolis, France

    Refik Molva

  2. Computer Science Department, University of California, Irvine,  

    Gene Tsudik

  3. NEC Europe Ltd.,,  

    Dirk Westhoff

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Shaneck, M., Mahadevan, K., Kher, V., Kim, Y. (2005). Remote Software-Based Attestation for Wireless Sensors. In: Molva, R., Tsudik, G., Westhoff, D. (eds) Security and Privacy in Ad-hoc and Sensor Networks. ESAS 2005. Lecture Notes in Computer Science, vol 3813. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11601494_3

Download citation

  • DOI: https://doi.org/10.1007/11601494_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30912-3

  • Online ISBN: 978-3-540-31615-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation