Ibrahim, Ahmad (2019)
Securing Embedded Networks Through Secure Collective Attestation.
Technische Universität Darmstadt
Dissertation, Erstveröffentlichung
Kurzbeschreibung (Abstract)
Networks of embedded devices are becoming increasingly popular. Examples of such networks range from small ecosystems, such as home and building automation, to very large infrastructure, e.g., industrial control systems. Devices in these networks usually collect private information and perform safety- and security-critical operations. Therefore, attacks targeting them are critical as they threaten both privacy and safety of humans, and are capable of causing extreme physical damage. A prominent example of such attacks is characterized by the Stuxnet worm which targets industrial control systems and is suspected to have caused substantial damage to Iran's nuclear program. In fact, three classes of attacks are relevant in the context of large embedded networks. These are malware infestation, physical, and runtime attacks.
In this dissertation, we investigate the security of large embedded networks in different deployment scenarios and provide security solutions that allow to scalably secure and manage these networks. In particular, we identify the adversarial assumptions and security requirements for every scenario and provide security protocols, based on remote attestation, that allow the detection of attacks belonging to the three aforementioned classes.
In order to secure large embedded networks, this dissertation presents the design and implementation of several scalable attestation protocols for centralized and autonomous networks. First, we present three scalable attestation protocols for centralized embedded networks that allows the detection of malware infestation attacks. These are accompanied with a systematic treatment of the problem that allows identifying and fulfilling all security requirements. Second, we investigate the problem of physical attacks on large embedded networks defining the capabilities of a physical attacker, and design two scalable attestation protocols that efficiently detect physical attacks in both centralized and autonomous settings. Third, we design a scalable attestation protocol that is capable of efficiently detecting runtime attacks on autonomous systems without disrupting the functionality or safety requirements of these systems. Finally, since management and software updates represent a critical requirement for securing a device as well as an important entry point for attackers, we also present a scalable management protocol for large networks that allows to securely and efficiently broadcast management commands and collect statistics regarding all devices in an embedded network.
Typ des Eintrags: | Dissertation | ||||
---|---|---|---|---|---|
Erschienen: | 2019 | ||||
Autor(en): | Ibrahim, Ahmad | ||||
Art des Eintrags: | Erstveröffentlichung | ||||
Titel: | Securing Embedded Networks Through Secure Collective Attestation | ||||
Sprache: | Englisch | ||||
Referenten: | Sadeghi, Prof. Ahmad-Reza ; Tsudik, Prof. Gene | ||||
Publikationsjahr: | 28 März 2019 | ||||
Ort: | Darmstadt | ||||
Datum der mündlichen Prüfung: | 28 März 2019 | ||||
URL / URN: | https://tuprints.ulb.tu-darmstadt.de/8588 | ||||
Kurzbeschreibung (Abstract): | Networks of embedded devices are becoming increasingly popular. Examples of such networks range from small ecosystems, such as home and building automation, to very large infrastructure, e.g., industrial control systems. Devices in these networks usually collect private information and perform safety- and security-critical operations. Therefore, attacks targeting them are critical as they threaten both privacy and safety of humans, and are capable of causing extreme physical damage. A prominent example of such attacks is characterized by the Stuxnet worm which targets industrial control systems and is suspected to have caused substantial damage to Iran's nuclear program. In fact, three classes of attacks are relevant in the context of large embedded networks. These are malware infestation, physical, and runtime attacks. In this dissertation, we investigate the security of large embedded networks in different deployment scenarios and provide security solutions that allow to scalably secure and manage these networks. In particular, we identify the adversarial assumptions and security requirements for every scenario and provide security protocols, based on remote attestation, that allow the detection of attacks belonging to the three aforementioned classes. In order to secure large embedded networks, this dissertation presents the design and implementation of several scalable attestation protocols for centralized and autonomous networks. First, we present three scalable attestation protocols for centralized embedded networks that allows the detection of malware infestation attacks. These are accompanied with a systematic treatment of the problem that allows identifying and fulfilling all security requirements. Second, we investigate the problem of physical attacks on large embedded networks defining the capabilities of a physical attacker, and design two scalable attestation protocols that efficiently detect physical attacks in both centralized and autonomous settings. Third, we design a scalable attestation protocol that is capable of efficiently detecting runtime attacks on autonomous systems without disrupting the functionality or safety requirements of these systems. Finally, since management and software updates represent a critical requirement for securing a device as well as an important entry point for attackers, we also present a scalable management protocol for large networks that allows to securely and efficiently broadcast management commands and collect statistics regarding all devices in an embedded network. |
||||
Alternatives oder übersetztes Abstract: |
|
||||
URN: | urn:nbn:de:tuda-tuprints-85883 | ||||
Sachgruppe der Dewey Dezimalklassifikatin (DDC): | 000 Allgemeines, Informatik, Informationswissenschaft > 004 Informatik | ||||
Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit |
||||
Hinterlegungsdatum: | 14 Jul 2019 19:55 | ||||
Letzte Änderung: | 14 Jul 2019 19:55 | ||||
PPN: | |||||
Referenten: | Sadeghi, Prof. Ahmad-Reza ; Tsudik, Prof. Gene | ||||
Datum der mündlichen Prüfung / Verteidigung / mdl. Prüfung: | 28 März 2019 | ||||
Export: | |||||
Suche nach Titel in: | TUfind oder in Google |
Frage zum Eintrag |
Optionen (nur für Redakteure)
Redaktionelle Details anzeigen |