IoT Gateway Integrity Checking Protocol

摘要

Internet of Things (IoT) gateways connected to the Internet and to IoT devices and running conventional operating systems and communication protocols, are valuable targets for malicious attackers. Once taken over, a compromised gateway can alter, drop or insert data while it bridges information from the IoT devices to the applications running on the Cloud. In this work we present the Gateway Integrity Checking Protocol (GIP), which uses a gossip protocol to collect data from subsets of IoT devices to answer a challenge sent by an External Security Agent (ESA). The response is used to verify if data is arriving untampered to the Cloud. The communication between the ESA and the nodes is secured by keys not accessible by the gateway. We evaluate the time and energy overhead caused by hash calculation at the devices. The impact of the proposed solution on the energy consumption and lifetime of the network is also evaluated through simulations.