Gene Tsudik, Karim Eldefrawy and Collaborators Win the NDSS 2024 Test-of-Time Award
In the early 2010s, when IoT or “smart” devices were still on the horizon, the security research community started considering potential malware attacks on such devices. One way of detecting malware attacks is via so-called “Remote Attestation” — a means of remotely (and periodically) checking the software state of devices. Remote Attestation is especially important in critical settings, such as utility meters, automotive components and medical devices. To enable this, each device needs to have a “root-of-trust” that comprises a set of security features. Researchers from UC Irvine’s Donald Bren School of Information and Computer Sciences (ICS) worked to address this.
In order to systematically construct such a “root-of-trust,” Karim Eldefrawy (then a Ph.D. student in the UCI Networked Systems program) and Prof. Gene Tsudik (his advisor) teamed up with Daniele Perito (then a Ph.D. student in INRIA Rhone-Alpes in France) and Aurelien Francillon (then a postdoctoral researcher at ETH Zurich). Based on a truly collaborative effort and a set of complementary skills, the four-person team came up with a hybrid (software/hardware) scheme called SMART: Secure and Minimal Architecture for (Establishing Dynamic) Root of Trust. This scheme was subsequently presented at, and published in the proceedings of, the 2012 Network and Distributed System Security Symposium (NDSS) — one of the top four annual security research venues.
On February 27, 2024, about a dozen years later, this paper (and the research upon which it reported) was honored with the NDSS Test-of-Time Award. According to the Test-of-Time award selection committee, the paper was “ahead of its time” and “inspired” a lot of subsequent research.
“We are very honored and pleasantly surprised by this award,” says Prof. Tsudik, who attended the 2024 NDSS in San Diego to accept the award. “This work was a result of highly contributory, collaborative, and fruitful efforts by all four authors.”
“The award recognizes the most impactful papers presented at past NDSS symposia, acknowledging their significant contributions to the field of computer and network security,” says Tony Givargis, Chair of the ICS Department of Computer Science. “The paper has been instrumental in shaping research and industrial practices in the realm of security.”
— Shani Murray