Autonomous collaborative networks of devices are rapidly emerging in numerous domains, such as self-driving cars, smart factories, critical infrastructure, and the Internet of Things in general. Although autonomy and self-organization are highly desired properties, they increase vulnerability to attacks. Hence, autonomous networks need dependable mechanisms to detect malicious devices in order to prevent compromise of the entire network. However, current mechanisms to detect malicious devices either require a trusted central entity or scale poorly. In this paper, we present GrandDetAuto, the first scheme to identify malicious devices efficiently within large autonomous networks of collaborating entities. GrandDetAuto functions without relying on a central trusted entity, works reliably for very large networks of devices, and is adaptable to a wide range of application scenarios thanks to interchangeable components. Our scheme uses random elections to embed integrity validation schemes in distributed consensus, providing a solution supporting tens of thousands of devices. We implemented and evaluated a concrete instance of GrandDetAuto on a network of embedded devices and conducted large-scale network simulations with up to 100000 nodes. Our results show the effectiveness and efficiency of our scheme, revealing logarithmic growth in run-time and message complexity with increasing network size. Moreover, we provide an extensive evaluation of key parameters showing that GrandDetAuto is applicable to many scenarios with diverse requirements.