Sign In

Program-Flow Attestation of an IoT Application Software

Student: Nafisa Ahmed

Degree (Masters, PhD): Masters (Computer Science)

Grant Source: UoS,  Emirates NBD and DESC

Target Customer : Emirates NBD

Completion Year: Fall 2017/2018-present

A brief description of the thesis (abstract):

Security of the Internet of Things (IoT) is one of the major challenges that IoT devices face today. The remote attestation is the process of measuring the integrity of these devices over the network by detecting modification of software or hardware from the original configuration. Several remote software-based attestation mechanisms have been introduced, that rely on strict time constraints and other impractical constraints that make them inconvenient for IoT systems. Although some research is done to address these issues, they integrated trusted hardware devices to the attested devices to accomplish their aim, which is costly and not convenient for many use cases. In this thesis, we propose "Dual Attestation" that includes two stages: static and dynamic. The static attestation phase checks the memory of the attested device. The dynamic attestation technique checks the execution correctness of the application code and is able to detect the runtime attacks. The objectives are to minimize the overhead and detect these attacks, by developing an optimized dynamic technique that checks the application program flow. The optimization will be done in the prover and the verifier sides.