Secure dissemination of software updates for intelligent mobility in future wireless networks

Jong Hyup Lee, Taekyoung Kwon

Research output: Contribution to journal › Article

3 Citations (Scopus)

Abstract

Wireless mobile networks frequently need remote software updates to add or adjust the tasks of mobile nodes. Software update traffic, particularly in the Internet of Things (IoT), should be carefully handled since attackers can easily compromise a number of unattended devices by modifying a piece of code in the software update routine. These attacks are quite realistic and harmful as seen in the real world. To protect lower-powered mobile devices, an in-network detection mechanism is preferred. However, due to the mobility of devices, it is difficult to set a network monitor with complete context of software updates. Moreover, even the conventional integrity checks can be fooled by a replaced binary code or minimized modification. In this paper, we tackle this problem and propose CodeDog, a new approach to check the integrity of software updates in mobile environments. CodeDog generates a binary code with semantics markers. A validation of those markers proves the control flow semantics was unchanged. It can be performed on program fragments for in-network monitoring to protect incapable devices. Our evaluation result shows that CodeDog can prevent attacks in the supply chain with 4.2 % storage overhead.

Original language: English
Article number: 250
Journal: Eurasip Journal on Wireless Communications and Networking
Volume: 2016
Issue number: 1
DOI: 10.1186/s13638-016-0746-6
Publication status: Published - 2016 Dec 1

Fingerprint

Binary codes
Wireless networks
Semantics
Flow control
Mobile devices
Supply chains
Monitoring
Internet of things

All Science Journal Classification (ASJC) codes

  • Signal Processing
  • Computer Science Applications
  • Computer Networks and Communications

Cite this

@article{c5bf0062bfca4213826ba2b1bbdec0f1,
title = "Secure dissemination of software updates for intelligent mobility in future wireless networks",
abstract = "Wireless mobile networks frequently need remote software updates to add or adjust the tasks of mobile nodes. Software update traffic, particularly in the Internet of Things (IoT), should be carefully handled since attackers can easily compromise a number of unattended devices by modifying a piece of code in the software update routine. These attacks are quite realistic and harmful as seen in the real world. To protect lower-powered mobile devices, an in-network detection mechanism is preferred. However, due to the mobility of devices, it is difficult to set a network monitor with complete context of software updates. Moreover, even the conventional integrity checks can be fooled by a replaced binary code or minimized modification. In this paper, we tackle this problem and propose CodeDog, a new approach to check the integrity of software updates in mobile environments. CodeDog generates a binary code with semantics markers. A validation of those markers proves the control flow semantics was unchanged. It can be performed on program fragments for in-network monitoring to protect incapable devices. Our evaluation result shows that CodeDog can prevent attacks in the supply chain with 4.2 {\%} storage overhead.",
author = "Lee, {Jong Hyup} and Taekyoung Kwon",
year = "2016",
month = "12",
day = "1",
doi = "10.1186/s13638-016-0746-6",
language = "English",
volume = "2016",
journal = "Eurasip Journal on Wireless Communications and Networking",
issn = "1687-1472",
publisher = "Springer Publishing Company",
number = "1",
}
