Résumé: he Internet of Things (IoT) is shaped by increasing number of low-cost Internet-connected embedded devices that are becoming ubiquitous in every aspect of modern life, including safety- and privacy-critical application scenarios. Such devices offer limited or no security features, creating a large new attack surface. One key component in securing these devices is software integrity checking, which is typically attained with Remote Attestation (RA). RA is a security service that helps in detecting malware-infected IoT devices through remotely verifying their internal state by a trusted party. In the vast majority of IoT application domains, IoT devices operate in swarms or groups to achieve common tasks. Existing swarm attestation techniques are still rigid and not smart enough to address heterogeneity and adapt the different requirements of various IoT devices connected to a swarm, thus triggering the need for more efficient swarm attestation schemes. In this article, we present WISE, the first intelligent swarm attestation scheme that takes into account the various characteristics, differences, and requirements of connected devices in a swarm, aiming at minimizing the communication overhead while preserving an adequate level of security. WISE depends on a resource-efficient smart broadcast authentication scheme where devices are organized in fine-grained multi-clusters, and whenever needed, the most likely compromised devices are attested. The candidate devices are selected intelligently taking into account the attestation history and diverse characteristics and constraints of each device in the swarm. We show that WISE is suitable for resource-constrained embedded devices, highly efficient and scalable in static and dynamic heterogeneous IoT networks, and offers an adjustable level of security.

Langue: Anglais