Abstract
This paper builds on previous work introducing the Secure Remote Update Protocol (SRUP), a secure communications protocol for Command and Control applications in the Internet of Things, built on top of MQTT. This paper builds on the original protocol and introduces a number of additional message types: adding additional capabilities to the protocol. We also discuss the difficulty of proving that a physical device has an identity corresponding to a logical device on the network and propose a mechanism to overcome this within the protocol.
Highlights
In our original paper [1], we presented the Secure Remote Update Protocol (SRUP), a Command and Control (C2) protocol for Internet of Things devices, and focused on how the protocol can be used to implement a robust and secure software update
With the proliferation of Internet of Things (IoT) devices seen over the last few years, such devices have been the targets of those wishing to create networks of slave devices, with which to stage Distributed Denial of Service (DDoS) attacks
This implementation consisted of an IoT C2 system: using the Mosquitto broker; a Raspberry Pi 3 as an example device, alongside an example device-side daemon; and a C2 server
Summary
In our original paper [1], we presented the Secure Remote Update Protocol (SRUP), a Command and Control (C2) protocol for Internet of Things devices, and focused on how the protocol can be used to implement a robust and secure software update. The Secure Remote Update Protocol has been designed to exploit extant commodity open-source software and open standards It takes advantage of existing and commonly-used protocols and techniques for Internet communications, but combines them in a unique and novel way to provide an integrated protocol to conduct C2 operations for IoT devices, autonomous systems and other related platforms. An algorithm such as RSA is used indirectly to encrypt a symmetric key that is used to encrypt the actual data; or to sign a secure hash of the data, rather than the full data This is the approach taken within the Secure Remote Update Protocol, where messages are protected by signing the SAH-256 hash value of the message, to provide assurance that the message has not been tampered with in transit. Any message from a device can be authenticated by the server, using the copy of the device’s public key held by the server
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call