Ensuring the integrity of Internet of Things (IoT) objects is challenging due to their limited energy and processing resources, as well as their exposure to security threats. Remote Attestation (RA) is a widely used technique that enables a trusted entity, such as a gateway, to verify the integrity of constrained IoT devices remotely. However, applying RA in constrained environments introduces challenges, including redundant attestations, high energy consumption, and vulnerabilities, such as Time-of-Check-Time-of-Use (TOCTOU) attacks. To address these limitations, this paper proposes a novel autonomic IoT framework for self-managing the integrity of IoT objects using a lightweight remote attestation mechanism and the Autonomic Computing paradigm. The proposed approach uses a DBSCAN model to determine when attestation is required, along with a fuzzy-logic system that dynamically selects an appropriate lightweight hash function based on the device state. Meanwhile, the attestation process uses a lightweight HMAC scheme to ensure device integrity. Our proposed framework reduces redundant attestations, optimizes energy consumption, and extends the lifetime of IoT systems, making it suitable for resource-constrained environments.
Garah et al. (Fri,) studied this question.