Firmware Attestation in IoT Swarms Using Relational Graph Neural Networks and Static Random Access Memory
The proliferation of Internet of Things (IoT) swarms—comprising billions of low-end interconnected embedded devices—has transformed industrial automation, smart homes, and agriculture. However, these swarms are highly susceptible to firmware anomalies that can propagate across nodes, posing serious...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-07-01
|
| Series: | AI |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2673-2688/6/7/161 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850067538510086144 |
|---|---|
| author | Abdelkabir Rouagubi Chaymae El Youssofi Khalid Chougdali |
| author_facet | Abdelkabir Rouagubi Chaymae El Youssofi Khalid Chougdali |
| author_sort | Abdelkabir Rouagubi |
| collection | DOAJ |
| description | The proliferation of Internet of Things (IoT) swarms—comprising billions of low-end interconnected embedded devices—has transformed industrial automation, smart homes, and agriculture. However, these swarms are highly susceptible to firmware anomalies that can propagate across nodes, posing serious security threats. To address this, we propose a novel Remote Attestation (RA) framework for real-time firmware verification, leveraging Relational Graph Neural Networks (RGNNs) to model the graph-like structure of IoT swarms and capture complex inter-node dependencies. Unlike conventional Graph Neural Networks (GNNs), RGNNs incorporate edge types (e.g., Prompt, Sensor Data, Processed Signal), enabling finer-grained detection of propagation dynamics. The proposed method uses runtime Static Random Access Memory (SRAM) data to detect malicious firmware and its effects without requiring access to firmware binaries. Experimental results demonstrate that the framework achieves 99.94% accuracy and a 99.85% anomaly detection rate in a 4-node swarm (Swarm-1), and 100.00% accuracy with complete anomaly detection in a 6-node swarm (Swarm-2). Moreover, the method proves resilient against noise, dropped responses, and trace replay attacks, offering a robust and scalable solution for securing IoT swarms. |
| format | Article |
| id | doaj-art-b22daebfad2144fa86d3689621c14e2a |
| institution | DOAJ |
| issn | 2673-2688 |
| language | English |
| publishDate | 2025-07-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | AI |
| spelling | doaj-art-b22daebfad2144fa86d3689621c14e2a2025-08-20T02:48:17ZengMDPI AGAI2673-26882025-07-016716110.3390/ai6070161Firmware Attestation in IoT Swarms Using Relational Graph Neural Networks and Static Random Access MemoryAbdelkabir Rouagubi0Chaymae El Youssofi1Khalid Chougdali2Engineering Sciences Laboratory, Ibn Tofail University, Kenitra 14000, MoroccoEngineering Sciences Laboratory, Ibn Tofail University, Kenitra 14000, MoroccoEngineering Sciences Laboratory, Ibn Tofail University, Kenitra 14000, MoroccoThe proliferation of Internet of Things (IoT) swarms—comprising billions of low-end interconnected embedded devices—has transformed industrial automation, smart homes, and agriculture. However, these swarms are highly susceptible to firmware anomalies that can propagate across nodes, posing serious security threats. To address this, we propose a novel Remote Attestation (RA) framework for real-time firmware verification, leveraging Relational Graph Neural Networks (RGNNs) to model the graph-like structure of IoT swarms and capture complex inter-node dependencies. Unlike conventional Graph Neural Networks (GNNs), RGNNs incorporate edge types (e.g., Prompt, Sensor Data, Processed Signal), enabling finer-grained detection of propagation dynamics. The proposed method uses runtime Static Random Access Memory (SRAM) data to detect malicious firmware and its effects without requiring access to firmware binaries. Experimental results demonstrate that the framework achieves 99.94% accuracy and a 99.85% anomaly detection rate in a 4-node swarm (Swarm-1), and 100.00% accuracy with complete anomaly detection in a 6-node swarm (Swarm-2). Moreover, the method proves resilient against noise, dropped responses, and trace replay attacks, offering a robust and scalable solution for securing IoT swarms.https://www.mdpi.com/2673-2688/6/7/161anomaly detectioninternet of things (IoT)IoT swarmsrelational graph neural networks (RGNNs)static random access memory (SRAM) |
| spellingShingle | Abdelkabir Rouagubi Chaymae El Youssofi Khalid Chougdali Firmware Attestation in IoT Swarms Using Relational Graph Neural Networks and Static Random Access Memory AI anomaly detection internet of things (IoT) IoT swarms relational graph neural networks (RGNNs) static random access memory (SRAM) |
| title | Firmware Attestation in IoT Swarms Using Relational Graph Neural Networks and Static Random Access Memory |
| title_full | Firmware Attestation in IoT Swarms Using Relational Graph Neural Networks and Static Random Access Memory |
| title_fullStr | Firmware Attestation in IoT Swarms Using Relational Graph Neural Networks and Static Random Access Memory |
| title_full_unstemmed | Firmware Attestation in IoT Swarms Using Relational Graph Neural Networks and Static Random Access Memory |
| title_short | Firmware Attestation in IoT Swarms Using Relational Graph Neural Networks and Static Random Access Memory |
| title_sort | firmware attestation in iot swarms using relational graph neural networks and static random access memory |
| topic | anomaly detection internet of things (IoT) IoT swarms relational graph neural networks (RGNNs) static random access memory (SRAM) |
| url | https://www.mdpi.com/2673-2688/6/7/161 |
| work_keys_str_mv | AT abdelkabirrouagubi firmwareattestationiniotswarmsusingrelationalgraphneuralnetworksandstaticrandomaccessmemory AT chaymaeelyoussofi firmwareattestationiniotswarmsusingrelationalgraphneuralnetworksandstaticrandomaccessmemory AT khalidchougdali firmwareattestationiniotswarmsusingrelationalgraphneuralnetworksandstaticrandomaccessmemory |