Edlira Dushku scite author profile

The North Atlantic Treaty Organization (NATO) Research Task Group IST-152 developed a concept and a reference architecture for intelligent software agents performing active, largely autonomous cyber-defense actions on military assets. The group released a detailed report, briefly reviewed in this article, where such an agent is referred to as an Autonomous Intelligent Cyber-defense Agent (AICA). In a conflict with a technically sophisticated adversary, NATO military networks will operate in a heavily contested battlefield. Enemy malware will likely infiltrate and attack friendly networks and systems. Today’s reliance on human cyber defenders will be untenable on the future battlefield. Instead, artificially intelligent agents, such as AICAs, will be necessary to defeat the enemy malware in an environment of potentially disrupted communications where human intervention may not be possible. The IST-152 group identified specific capabilities of AICA. For example, AICA will have to be capable of autonomous planning and execution of complex multi-step activities for defeating or degrading sophisticated adversary malware, with the anticipation and minimization of resulting side effects. It will have to be capable of adversarial reasoning to battle against a thinking, adaptive malware. Crucially, AICA will have to keep itself and its actions as undetectable as possible, and will have to use deceptions and camouflage. The report identifies the key functions and components and their interactions for a potential reference architecture of such an agent, as well as a tentative roadmap toward the capabilities of AICA.

show abstract

RADIS: Remote Attestation of Distributed IoT Services

Conti

Dushku

Mancini

2019

View full text Add to dashboard Cite

Remote attestation is a security technique by which a potentially untrusted device called Prover can evidence its current state to an external trusted party called Verifier. The main goal of a remote attestation protocol is to guarantee the reliability of the evidence, such that the Verifier can verify remotely the trustworthiness of the Prover. In the Internet of Things (IoT) systems, which are increasingly becoming exposed to a broad range of exploitations, the existing remote attestation protocols aim to check the integrity of each individual IoT device by detecting the modified softwares and physical tampering attacks. However, in an interconnected IoT system, in which IoT devices interact autonomously among themselves, a compromised IoT service can influence the genuine operation of other invoked service, without changing the software.In this paper, we show how a compromised service in a distributed IoT service can induce malicious behavior on genuine services, and we highlight the need for distributed services attestation. We propose a protocol for Remote Attestation of Distributed IoT Services (RADIS), which provides a complete evidence about the trustworthiness of distributed IoT services. RADIS relies on a control-flow attestation technique to detect IoT services that perform an unexpected operation due to their interactions with a malicious remote service. Additionally, RADIS traces the interactions between IoT distributed services, allowing the Verifier to check whether the activities follow a legitimate interaction model. We discuss the effectiveness of our protocol in validating the integrity status of a distributed IoT service.

show abstract

State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things

Ankergård

Dushku

Dragoni

2021

Sensors

View full text Add to dashboard Cite

The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure the legitimate state of an IoT device. While many RA approaches proposed in the literature make different assumptions regarding the architecture of IoT devices and adversary capabilities, most typical RA schemes rely on minimal Root of Trust by leveraging hardware that guarantees code and memory isolation. However, the presence of a specialized hardware is not always a realistic assumption, for instance, in the context of legacy IoT devices and resource-constrained IoT devices. In this paper, we survey and analyze existing software-based RA schemes (i.e., RA schemes not relying on specialized hardware components) through the lens of IoT. In particular, we provide a comprehensive overview of their design characteristics and security capabilities, analyzing their advantages and disadvantages. Finally, we discuss the opportunities that these RA schemes bring in attesting legacy and resource-constrained IoT devices, along with open research issues.

show abstract

Remote Attestation as a Service for IoT

Conti

Dushku

Mancini

et al. 2019

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Edlira Dushku

SARA: Secure Asynchronous Remote Attestation for IoT Systems

An introductory preview of Autonomous Intelligent Cyber-defense Agent reference architecture, release 2.0

RADIS: Remote Attestation of Distributed IoT Services

State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things

Remote Attestation as a Service for IoT

Contact Info

Product

Resources

About