A Review on Evaluation and Configuration of Fault Injection Attack Instruments to Design Attack Resistant MCU-Based IoT Applications

The Internet-of-Things (IoT) has gained significant importance in all aspects of daily life, and there are many areas of application for it. Despite the rate of expansion and the development of infrastructure, such systems also bring new concerns and challenges. Security and privacy are at the top of the list and must be carefully considered by designers and manufacturers. Not only do the devices need to be protected against software and network-based attacks, but proper attention must also be paid to recently emerging hardware-based attacks. However, low-cost unit software developers are not always sufficiently aware of existing vulnerabilities due to these kinds of attacks. To tackle the issue, various platforms are proposed to enable rapid and easy evaluation against physical attacks. Fault attacks are the noticeable type of physical attacks, in which the normal and secure behavior of the targeted devices is liable to be jeopardized. Indeed, such attacks can cause serious malfunctions in the underlying applications. Various studies have been conducted in other research works related to the different aspects of fault injection. Two of the primary means of fault attacks are clock and voltage fault injection. These attacks can be performed with a moderate level of knowledge, utilizing low-cost facilities to target IoT systems. In this paper, we explore the main parameters of the clock and voltage fault generators. This can help hardware security specialists to develop an open-source platform and to evaluate their design against such attacks. The principal concepts of both methods are studied for this purpose. Thereafter, we conclude our paper with the need for such an evaluation platform in the design and production cycle of embedded systems and IoT devices.

Download Full-text

A Low-Cost Fault Injection Attack Resilient FSM Design

10.1109/socc49529.2020.9524779 ◽

2020 ◽

Author(s):

Ziming Wang ◽

Aijiao Cui ◽

Gang Qu

Keyword(s):

Fault Injection ◽

Low Cost ◽

Fault Injection Attack

Download Full-text

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Technologies ◽

10.3390/technologies8040050 ◽

2020 ◽

Vol 8 (4) ◽

pp. 50

Author(s):

Anthony Overmars ◽

Sitalakshmi Venkatraman

Keyword(s):

Monitoring System ◽

Low Cost ◽

Water Monitoring ◽

Security And Privacy ◽

Security Model ◽

Smart Environment ◽

Iot Security ◽

Security Controls ◽

Smart Water ◽

Iot Devices

Recent growth in the Internet of Things (IoT) looks promising for realizing a smart environment of the future. However, concerns about the security of IoT devices are escalating as they are inherently constrained by limited resources, heterogeneity, and lack of standard security controls or protocols. Due to their inability to support state-of-the-art secure network protocols and defense mechanisms, standard security solutions are unsuitable for dynamic IoT environments that require large and smart IoT infrastructure deployments. At present, the IoT based smart environment deployments predominantly use cloud-centric approaches to enable continuous and on-demand data exchange that leads to further security and privacy risks. While standard security protocols, such as Virtual Private Networks (VPNs), have been explored for certain IoT environments recently, the implementation models reported have several variations and are not practically scalable for any dynamically scalable IoT deployment. This paper addresses current drawbacks in providing the required flexibility, interoperability, scalability, and low-cost practical viability of a secure IoT infrastructure. We propose an adaptive end-to-end security model that supports the defense requirements for a scalable IoT infrastructure. With low-cost embedded controllers, such as the Raspberry Pi, allowing for the convergence of more sophisticated networking protocols to be embedded at the IoT monitoring interface, we propose a scalable IoT security model integrating both the IoT devices and the controller as one embedded device. Our approach is unique, with a focus on the integration of a security protocol at the embedded interface. In addition, we demonstrate a prototype implementation of our IoT security model for a smart water monitoring system. We believe that our modest first step would instill future research interests in this direction.

Download Full-text

Practical, Low-Cost Fault Injection Attacks on Personal Smart Devices

Applied Sciences ◽

10.3390/app12010417 ◽

2022 ◽

Vol 12 (1) ◽

pp. 417

Author(s):

Shaked Delarea ◽

Yossi Oren

Keyword(s):

Fault Injection ◽

Low Cost ◽

Device Under Test ◽

Smart Devices ◽

Fault Attacks ◽

Threat Model ◽

Software Application ◽

Injection Attacks ◽

Close Proximity ◽

Fault Injection Attacks

Fault attacks are traditionally considered under a threat model that assumes the device under test is in the possession of the attacker. We propose a variation on this model. In our model, the attacker integrates a fault injection circuit into a malicious field-replaceable unit, or FRU, which is later placed by the victim in close proximity to their own device. Examples of devices which incorporate FRUs include interface cards in routers, touch screens and sensor assemblies in mobile phones, ink cartridges in printers, batteries in health sensors, and so on. FRUs are often installed by after-market repair technicians without properly verifying their authenticity, and previous works have shown they can be used as vectors for various attacks on the privacy and integrity of smart devices. We design and implement a low-cost fault injection circuit suitable for placement inside a malicious FRU, and show how it can be used to practically extract secrets from a privileged system process through a combined hardware-software approach, even if the attacker software application only has user-level permissions. Our prototype produces highly effective and repeatable attacks, despite its cost being several orders of magnitude less than that of commonly used fault injection analysis lab setups. This threat model allows fault attacks to be carried out remotely, even if the device under test is in the hands of the victim. Considered together with recent advances in software-only fault attacks, we argue that resistance to fault attacks should be built into additional classes of devices.

Download Full-text

A Lightweight Authentication Method in Perception Layer of IoT Through Digital Watermarking

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.c4793.098319 ◽

2019 ◽

Vol 8 (3) ◽

pp. 2937-2942

Keyword(s):

Internet Of Things ◽

Temporal Dynamics ◽

Low Cost ◽

Security Analysis ◽

Living Environment ◽

Security And Privacy ◽

Sensitive Data ◽

Privacy And Security ◽

Iot Devices ◽

Lightweight Authentication

Introduction of IoT (Internet of Things) has enjoyed vigorous support from governments and research institutions around the world, and remarkable achievements have been obtained till date. IoT systems collect the voluminous amount of data in real time from hospitals, battlefield and daily living environment which is related to privacy and security of people. So, securing collected sensitive data is one of the major challenges in the development of IoT systems. Authenticating the source of collected data is utmost important because the adversary may act as a source which may lead to a breach in security and privacy of people using the IoT network. IoT devices are resource scarce so lightweight methods for network security and privacy need to develop to achieve future development goals. In this paper, a novel lightweight node to node authentication scheme based on watermark is proposed to solve the contradiction between the security and restricted resources of perception layer. To improve the security, Proposed scheme usage node identity and the number of neighbours as input to generate the watermark and use the watermark to calculate the embedding positions which makes node authentication based on temporal dynamics of sensing network. The generated watermark is embedded in fixed size message digest generated using the variable message as input into a low-cost one-way hashing algorithm LOCHA. The embedded bits of watermark extracted at the receiving node and matched to check the authenticity of the sender node. The security analysis and simulations of the proposed scheme show that it can be a good candidate to ensure the authentication of the resource constraint devices which are integral part of Internet of Things at low cost

Download Full-text

Bringing Security to The Smallest Embedded Systems

10.34048/2017.1.f5 ◽

2017 ◽

Author(s):

JOSEPH YIU

Keyword(s):

Internet Of Things ◽

Embedded Systems ◽

Low Cost ◽

Security Requirements ◽

The Internet ◽

Security Measures ◽

Significant Challenge ◽

Iot Devices

The increasing need for security in microcontrollers Security has long been a significant challenge in microcontroller applications(MCUs). Traditionally, many microcontroller systems did not have strong security measures against remote attacks as most of them are not connected to the Internet, and many microcontrollers are deemed to be cheap and simple. With the growth of IoT (Internet of Things), security in low cost microcontrollers moved toward the spotlight and the security requirements of these IoT devices are now just as critical as high-end systems due to:

Download Full-text

Virtualizing AI at the Distributed Edge Towards Intelligent IoT Applications

Journal of Sensor and Actuator Networks ◽

10.3390/jsan10010013 ◽

2021 ◽

Vol 10 (1) ◽

pp. 13

Author(s):

Claudia Campolo ◽

Giacomo Genovese ◽

Antonio Iera ◽

Antonella Molinaro

Keyword(s):

Resource Constraints ◽

Smart Cities ◽

Traditional Approach ◽

Low Cost ◽

Iot Applications ◽

Software And Hardware ◽

Iot Devices ◽

Consumer Devices ◽

Hardware Platforms ◽

Smart Factories

Several Internet of Things (IoT) applications are booming which rely on advanced artificial intelligence (AI) and, in particular, machine learning (ML) algorithms to assist the users and make decisions on their behalf in a large variety of contexts, such as smart homes, smart cities, smart factories. Although the traditional approach is to deploy such compute-intensive algorithms into the centralized cloud, the recent proliferation of low-cost, AI-powered microcontrollers and consumer devices paves the way for having the intelligence pervasively spread along the cloud-to-things continuum. The take off of such a promising vision may be hurdled by the resource constraints of IoT devices and by the heterogeneity of (mostly proprietary) AI-embedded software and hardware platforms. In this paper, we propose a solution for the AI distributed deployment at the deep edge, which lays its foundation in the IoT virtualization concept. We design a virtualization layer hosted at the network edge that is in charge of the semantic description of AI-embedded IoT devices, and, hence, it can expose as well as augment their cognitive capabilities in order to feed intelligent IoT applications. The proposal has been mainly devised with the twofold aim of (i) relieving the pressure on constrained devices that are solicited by multiple parties interested in accessing their generated data and inference, and (ii) and targeting interoperability among AI-powered platforms. A Proof-of-Concept (PoC) is provided to showcase the viability and advantages of the proposed solution.

Download Full-text

Physical security of deep learning on edge devices: Comprehensive evaluation of fault injection attack vectors

Microelectronics Reliability ◽

10.1016/j.microrel.2021.114116 ◽

2021 ◽

Vol 120 ◽

pp. 114116

Author(s):

Xiaolu Hou ◽

Jakub Breier ◽

Dirmanto Jap ◽

Lei Ma ◽

Shivam Bhasin ◽

...

Keyword(s):

Deep Learning ◽

Comprehensive Evaluation ◽

Fault Injection ◽

Physical Security ◽

Fault Injection Attack

Download Full-text

Editorial for special issue on ”security and privacy protection in the era of IoT devices”

Digital Communications and Networks ◽

10.1016/j.dcan.2021.04.003 ◽

2021 ◽

Vol 7 (2) ◽

pp. 245-246

Author(s):

Weizhi Meng ◽

Daniel Xiapu Luo ◽

Chunhua Su ◽

Debiao He ◽

Marios Anagnostopoulos ◽

...

Keyword(s):

Privacy Protection ◽

Security And Privacy ◽

Special Issue ◽

Iot Devices

Download Full-text

Multi-Blockchain-Based IoT Data Processing Techniques to Ensure the Integrity of IoT Data in AIoT Edge Computing Environments

Sensors ◽

10.3390/s21103515 ◽

2021 ◽

Vol 21 (10) ◽

pp. 3515

Author(s):

Sung-Ho Sim ◽

Yoon-Su Jeong

Keyword(s):

Low Cost ◽

Third Party ◽

Monitoring And Control ◽

Constant Size ◽

Computing Environments ◽

Iot Devices ◽

Cloud Servers ◽

The Cost ◽

Processing Techniques ◽

And Control

As the development of IoT technologies has progressed rapidly recently, most IoT data are focused on monitoring and control to process IoT data, but the cost of collecting and linking various IoT data increases, requiring the ability to proactively integrate and analyze collected IoT data so that cloud servers (data centers) can process smartly. In this paper, we propose a blockchain-based IoT big data integrity verification technique to ensure the safety of the Third Party Auditor (TPA), which has a role in auditing the integrity of AIoT data. The proposed technique aims to minimize IoT information loss by multiple blockchain groupings of information and signature keys from IoT devices. The proposed technique allows IoT information to be effectively guaranteed the integrity of AIoT data by linking hash values designated as arbitrary, constant-size blocks with previous blocks in hierarchical chains. The proposed technique performs synchronization using location information between the central server and IoT devices to manage the cost of the integrity of IoT information at low cost. In order to easily control a large number of locations of IoT devices, we perform cross-distributed and blockchain linkage processing under constant rules to improve the load and throughput generated by IoT devices.

Download Full-text

Survey on DDoS Attacks and Defense Mechanisms in Cloud and Fog Computing

International Journal of E-Services and Mobile Applications ◽

10.4018/ijesma.2018070104 ◽

2018 ◽

Vol 10 (3) ◽

pp. 61-83 ◽

Cited By ~ 10

Author(s):

Deepali Chaudhary ◽

Kriti Bhushan ◽

B.B. Gupta

Keyword(s):

Cloud Computing ◽

Defense Mechanisms ◽

Low Cost ◽

Fog Computing ◽

Smart Devices ◽

Cloud Environment ◽

Security Issue ◽

Process Data ◽

Ddos Attack ◽

Iot Devices

This article describes how cloud computing has emerged as a strong competitor against traditional IT platforms by offering low-cost and “pay-as-you-go” computing potential and on-demand provisioning of services. Governments, as well as organizations, have migrated their entire or most of the IT infrastructure to the cloud. With the emergence of IoT devices and big data, the amount of data forwarded to the cloud has increased to a huge extent. Therefore, the paradigm of cloud computing is no longer sufficient. Furthermore, with the growth of demand for IoT solutions in organizations, it has become essential to process data quickly, substantially and on-site. Hence, Fog computing is introduced to overcome these drawbacks of cloud computing by bringing intelligence to the edge of the network using smart devices. One major security issue related to the cloud is the DDoS attack. This article discusses in detail about the DDoS attack, cloud computing, fog computing, how DDoS affect cloud environment and how fog computing can be used in a cloud environment to solve a variety of problems.

Download Full-text