From Hardware Fingerprint to Access Token: Enhancing the Authentication on IoT Devices
CoRR(2024)
摘要
The proliferation of consumer IoT products in our daily lives has raised the
need for secure device authentication and access control. Unfortunately, these
resource-constrained devices typically use token-based authentication, which is
vulnerable to token compromise attacks that allow attackers to impersonate the
devices and perform malicious operations by stealing the access token. Using
hardware fingerprints to secure their authentication is a promising way to
mitigate these threats. However, once attackers have stolen some hardware
fingerprints (e.g., via MitM attacks), they can bypass the hardware
authentication by training a machine learning model to mimic fingerprints or
reusing these fingerprints to craft forge requests.
In this paper, we present MCU-Token, a secure hardware fingerprinting
framework for MCU-based IoT devices even if the cryptographic mechanisms (e.g.,
private keys) are compromised. MCU-Token can be easily integrated with various
IoT devices by simply adding a short hardware fingerprint-based token to the
existing payload. To prevent the reuse of this token, we propose a message
mapping approach that binds the token to a specific request via generating the
hardware fingerprints based on the request payload. To defeat the machine
learning attacks, we mix the valid fingerprints with poisoning data so that
attackers cannot train a usable model with the leaked tokens. MCU-Token can
defend against armored adversary who may replay, craft, and offload the
requests via MitM or use both hardware (e.g., use identical devices) and
software (e.g., machine learning attacks) strategies to mimic the fingerprints.
The system evaluation shows that MCU-Token can achieve high accuracy (over 97
with a low overhead across various IoT devices and application scenarios.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要