Submit

Login Login

Register Register

Home/ Journals/ CMC/ Vol.67, No.1, 2021/ 10.32604/cmc.2021.014523

Table of Content

Open Access iconOpen Access

ARTICLE

crossmark

SAPEM: Secure Attestation of Program Execution and Program Memory for IoT Applications

Nafisa Ahmed1, Manar Abu Talib2,*, Qassim Nasir3

1 Research Institute of Science and Engineering, University of Sharjah, Sharjah, UAE
2 Department of Computer Science, University of Sharjah, Sharjah, UAE
3 Department of Electrical Engineering, University of Sharjah, Sharjah, UAE

* Corresponding Author: Manar Abu Talib. Email: email

(This article belongs to the Special Issue: Security Issues in Industrial Internet of Things)

Computers, Materials & Continua 2021, 67(1), 23-49. https://doi.org/10.32604/cmc.2021.014523

Received 26 September 2020; Accepted 26 October 2020; Issue published 12 January 2021

Abstract

Security is one of the major challenges that devices connected to the Internet of Things (IoT) face today. Remote attestation is used to measure these devices’ trustworthiness on the network by measuring the device platform’s integrity. Several software-based attestation mechanisms have been proposed, but none of them can detect runtime attacks. Although some researchers have attempted to tackle these attacks, the proposed techniques require additional secured hardware parts to be integrated with the attested devices to achieve their aim. These solutions are expensive and not suitable in many cases. This paper proposes a dual attestation process, SAPEM, with two phases: static and dynamic. The static attestation phase examines the program memory of the attested device. The dynamic program flow attestation examines the execution correctness of the application code. It can detect code injection and runtime attacks that hijack the control-flow, including data attacks that affect the program control-flow. The main aim is to minimize attestation overhead while maintaining our ability to detect the specified attacks. We validated SAPEM by implementing it on Raspberry Pi using its TrustZone extension. We attested it against the specified attacks and compared its performance with the related work in the literature. The results show that SAPEM significantly minimizes performance overhead while reliably detecting runtime attacks at the binary level.

Keywords

Cite This Article

N. Ahmed, M. Abu Talib and Q. Nasir, "Sapem: secure attestation of program execution and program memory for iot applications," Computers, Materials & Continua, vol. 67, no.1, pp. 23–49, 2021. https://doi.org/10.32604/cmc.2021.014523
BibTex EndNote RIS



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

  • 2565

    View

  • 1703

    Download

  • 0

    Like

Related articles

Copyright© 2024 Tech Science Press
© 1997-2024 TSP (Henderson, USA) unless otherwise stated

Share Link