Attestation is a mechanism used by a trusted entity to validate the software integrity of an untrusted platform. Over the last years, several attestation techniques have been proposed. While they all use variants of a challenge-response protocol, they make different assumptions about what an attacker can and cannot do. Thus, they propose intrinsically divergent validation approaches. We survey in this paper the different approaches to attestation focussing in particular on those aimed at Wireless Sensor Networks. We discuss the motivations, challenges, assumptions, and attacks of each approach. We then organise them in a taxonomy and discuss the state of the art, carefully analysing the advantages and disadvantages of each proposal. We also point towards the open research problems and give directions on how to address them.
C-MAC is a highly configurable MAC protocol realized as an architecture of medium access control strategies that can be combined to produce application-specific protocols. By selecting the proper strategies and configuring their parameters, programmers can instantiate MAC protocols that closely match their applications' requirements. C-MAC relies on static metaprogramming techniques to achieve high configurability without compromising size and performance. A previous implementation of C-MAC for the Mica2 mote produced B-MAC-like instances that are smaller, faster, and make better use of the network than the original TINYOS B-MAC. In this work, we implemented and evaluated EPOS C-MAC in the scope of the EPOSMote project. The EPOSMote devices used in this work feature an IEEE 802.15.4 compliant radio. This motivated us to evaluate additional configuration parameters, including synchronization (e.g. beacon-based), contention, and data handling (e.g. error detection). As a result, C-MAC has undergone a major redesign and now features an architecture whose elements are more fine-grained and thus can be reused in a larger variety of scenarios.
In this paper, we describe an efficient methodology to guide investigators during network forensic analysis. To this end, we introduce the concept of core attack graph, a compact representation of the main routes an attacker can take towards specific network targets. Such compactness allows forensic investigators to focus their efforts on critical nodes that are more likely to be part of attack paths, thus reducing the overall number of nodes (devices, network privileges) that need to be examined. Nevertheless, core graphs also allow investigators to hierarchically explore the graph in order to retrieve different levels of summarised information. We have evaluated our approach over different network topologies varying parameters such as network size, density, and forensic evaluation threshold.Our results demonstrate that we can achieve the same level of accuracy provided by standard logical attack graphs while significantly reducing the exploration rate of the network.
Receiver-based MAC (RB-MAC) is a preamblesampling MAC protocol for WSNs in which a receiver node is dynamically elected, among potential neighbors of the sender node, based on current channel conditions. In this paper, we evaluate the performance of RB-MAC and compare it with a senderbased preamble-sampling MAC protocol by using analytical methods, and implementation in real sensor nodes. We have used Configurable MAC (C-MAC), which is a framework to develop different MAC protocols in WSNs. This framework is realized as a component architecture that can produce application-specific communication protocols. The experimental results presented in the paper corroborate with the analytical and numerical results showing how RB-MAC outperforms sender-based MAC protocols in terms of transmission delay, and energy consumption.
It is a mistake to assume that each embedded object in the Internet of Things will implement a TCP/IP stack similar to those present in contemporary operating systems. Typical requirements of ordinary things, such as low power consumption, small size, and low cost, demand innovative solutions. In this article, we describe the design, implementation, and evaluation of a trustful infrastructure for the Internet of Things based on EPOSMote. The infrastructure was built around EPOS' second generation of motes, which features an ARM processor and an IEEE 802.15.4 radio transceiver. It is presented to end users through a trustful communication protocol stack compatible with TCP/IP. Trustfulness was tackled at MAC level by extending C-MAC, EPOS native MAC protocol, with AES capabilities that were used to encrypt and authenticate IP datagrams packets. Our authentication mechanism encompasses temporal information to protect the network against replay attacks. The prototype implementation was assessed for processing, memory, and energy consumption with positive results.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.