Remote attestation (RA) is a security mechanism that verifies the trustworthiness of remote IoT devices. Traditional RA protocols aim to detect the presence of malicious code in the static memory of a device. In the IoT domain, RA research is currently following two main directions: Dynamic RA and Swarm RA. Dynamic RA schemes intend to detect runtime attacks that hijack the control-flow execution of a running program without injecting new malicious code into the memory. On the other hand, swarm

more »

... RA protocols focus on attesting efficiently and effectively a large number of IoT devices. However, existing RA protocols do not perform dynamic attestation in asynchronous IoT networks. This paper proposes a RA protocol for Asynchronous Remote Control-Flow Attestation of Distributed IoT Services (ARCADIS). This protocol extends the state-of-the-art by detecting IoT devices that have (directly or indirectly) been maliciously influenced by runtime attacks on asynchronous distributed IoT services. The protocol has been simulated for Wismote sensors in the Contiki emulator. The conducted experiments confirm the feasibility of ARCADIS and demonstrate its practicality for small IoT networks.