Memory attestation of wireless sensor nodes through trusted remote agents

Abstract

Wireless sensor networks (WSNs) have been deployed in various commercial, scientific, and military applications for surveillance and critical data collection. A serious threat to sensor nodes is malicious code injection attack that results in fake data delivery or private data disclosure. Memory attestation used for verifying the integrity of a device's firmware is a promising solution for detecting an infected sensor node; particularly, low-cost software-based schemes are suitable for protecting resource-constrained sensor nodes. However, a software-based attestation usually requires some additional mechanisms for providing reliable integrity evidence when the sensor nodes communicate with the verifier through a multihop setting. Alternative hardware-based attestation (e.g. trusted platform module) ensures a reliable integrity measurement that, however, is impractical for certain WSN applications primarily because of the high computational overhead and high hardware cost. The authors propose a lightweight hardware-based memory attestation scheme against the malicious code injection attack, and the proposed scheme employs a lightweight tamper-resistant hardware security module, which is free from any complicated cryptographic computation and is particularly suitable for low-cost sensor nodes. In addition, experimental results demonstrating the effectiveness of the proposed scheme are presented.