Internet of Things (IoT) devices and applications can have significant
vulnerabilities, which may be exploited by adversaries to cause considerable
harm. An important approach for mitigating this threat is remote attestation,
which enables the defender to remotely verify the integrity of devices and
their software. There are a number of approaches for remote attestation, and
each has its unique advantages and disadvantages in terms of detection accuracy
and computational cost. Further, an attestation method may be applied in
multiple ways, such as various levels of software coverage. Therefore, to
minimize both security risks and computational overhead, defenders need to
decide strategically which attestation methods to apply and how to apply them,
depending on the characteristic of the devices and the potential losses.

To answer these questions, we first develop a testbed for remote attestation
of IoT devices, which enables us to measure the detection accuracy and
performance overhead of various attestation methods. Our testbed integrates two
example IoT applications, memory-checksum based attestation, and a variety of
software vulnerabilities that allow adversaries to inject arbitrary code into
running applications. Second, we model the problem of finding an optimal
strategy for applying remote attestation as a Stackelberg security game between
a defender and an adversary. We characterize the defender’s optimal attestation
strategy in a variety of special cases. Finally, building on experimental
results from our testbed, we evaluate our model and show that optimal strategic
attestation can lead to significantly lower losses than naive baseline

By admin