12,048 research outputs found
Characterizing Smart Home IoT Traffic in the Wild
As the smart home IoT ecosystem flourishes, it is imperative to gain a better
understanding of the unique challenges it poses in terms of management,
security, and privacy. Prior studies are limited because they examine smart
home IoT devices in testbed environments or at a small scale. To address this
gap, we present a measurement study of smart home IoT devices in the wild by
instrumenting home gateways and passively collecting real-world network traffic
logs from more than 200 homes across a large metropolitan area in the United
States. We characterize smart home IoT traffic in terms of its volume, temporal
patterns, and external endpoints along with focusing on certain security and
privacy concerns. We first show that traffic characteristics reflect the
functionality of smart home IoT devices such as smart TVs generating high
volume traffic to content streaming services following diurnal patterns
associated with human activity. While the smart home IoT ecosystem seems
fragmented, our analysis reveals that it is mostly centralized due to its
reliance on a few popular cloud and DNS services. Our findings also highlight
several interesting security and privacy concerns in smart home IoT ecosystem
such as the need to improve policy-based access control for IoT traffic, lack
of use of application layer encryption, and prevalence of third-party
advertising and tracking services. Our findings have important implications for
future research on improving management, security, and privacy of the smart
home IoT ecosystem.Comment: 13 pages, to be published in IoTDI 202
Program Analysis of Commodity IoT Applications for Security and Privacy: Challenges and Opportunities
Recent advances in Internet of Things (IoT) have enabled myriad domains such
as smart homes, personal monitoring devices, and enhanced manufacturing. IoT is
now pervasive---new applications are being used in nearly every conceivable
environment, which leads to the adoption of device-based interaction and
automation. However, IoT has also raised issues about the security and privacy
of these digitally augmented spaces. Program analysis is crucial in identifying
those issues, yet the application and scope of program analysis in IoT remains
largely unexplored by the technical community. In this paper, we study privacy
and security issues in IoT that require program-analysis techniques with an
emphasis on identified attacks against these systems and defenses implemented
so far. Based on a study of five IoT programming platforms, we identify the key
insights that result from research efforts in both the program analysis and
security communities and relate the efficacy of program-analysis techniques to
security and privacy issues. We conclude by studying recent IoT analysis
systems and exploring their implementations. Through these explorations, we
highlight key challenges and opportunities in calibrating for the environments
in which IoT systems will be used.Comment: syntax and grammar error are fixed, and IoT platforms are updated to
match with the submissio
Systems Computing Challenges in the Internet of Things
A recent McKinsey report estimates the economic impact of the Internet of
Things (IoT) to be between 11 trillion dollars by 20251 . IoT has the
potential to have a profound impact on our daily lives, including technologies
for the home, for health, for transportation, and for managing our natural
resources. The Internet was largely driven by information and ideas generated
by people, but advances in sensing and hardware have enabled computers to more
easily observe the physical world. Coupling this additional layer of
information with advances in machine learning brings dramatic new capabilities
including the ability to capture and process tremendous amounts of data; to
predict behaviors, activities, and the future in uncanny ways; and to
manipulate the physical world in response. This trend will fundamentally change
how people interact with physical objects and the environment. Success in
developing value-added capabilities around IoT requires a broad approach that
includes expertise in sensing and hardware, machine learning, networked
systems, human-computer interaction, security, and privacy. Strategies for
making IoT practical and spurring its ultimate adoption also require a
multifaceted approach that often transcends technology, such as with concerns
over data security, privacy, public policy, and regulatory issues. In this
paper we argue that existing best practices in building robust and secure
systems are insufficient to address the new challenges that IoT systems will
present. We provide recommendations regarding investments in research areas
that will help address inadequacies in existing systems, practices, tools, and
policies.Comment: A Computing Community Consortium (CCC) white paper, 15 page
Internet of Things Security and Forensics: Challenges and Opportunities
The Internet of Things (IoT) envisions pervasive, connected, and smart nodes
interacting autonomously while offering all sorts of services. Wide
distribution, openness and relatively high processing power of IoT objects made
them an ideal target for cyber attacks. Moreover, as many of IoT nodes are
collecting and processing private information, they are becoming a goldmine of
data for malicious actors. Therefore, security and specifically the ability to
detect compromised nodes, together with collecting and preserving evidences of
an attack or malicious activities emerge as a priority in successful deployment
of IoT networks. In this paper, we first introduce existing major security and
forensics challenges within IoT domain and then briefly discuss about papers
published in this special issue targeting identified challenges
User Perceptions of Smart Home IoT Privacy
Smart home Internet of Things (IoT) devices are rapidly increasing in
popularity, with more households including Internet-connected devices that
continuously monitor user activities. In this study, we conduct eleven
semi-structured interviews with smart home owners, investigating their reasons
for purchasing IoT devices, perceptions of smart home privacy risks, and
actions taken to protect their privacy from those external to the home who
create, manage, track, or regulate IoT devices and/or their data. We note
several recurring themes. First, users' desires for convenience and
connectedness dictate their privacy-related behaviors for dealing with external
entities, such as device manufacturers, Internet Service Providers,
governments, and advertisers. Second, user opinions about external entities
collecting smart home data depend on perceived benefit from these entities.
Third, users trust IoT device manufacturers to protect their privacy but do not
verify that these protections are in place. Fourth, users are unaware of
privacy risks from inference algorithms operating on data from non-audio/visual
devices. These findings motivate several recommendations for device designers,
researchers, and industry standards to better match device privacy features to
the expectations and preferences of smart home owners.Comment: 20 pages, 1 tabl
Securing Edge Networks with Securebox
The number of mobile and IoT devices connected to home and enterprise
networks is growing fast. These devices offer new services and experiences for
the users; however, they also present new classes of security threats
pertaining to data and device safety and user privacy. In this article, we
first analyze the potential threats presented by these devices connected to
edge networks. We then propose Securebox: a new cloud-driven, low cost
Security-as-a-Service solution that applies Software-Defined Networking (SDN)
to improve network monitoring, security and management. Securebox enables
remote management of networks through a cloud security service (CSS) with
minimal user intervention required. To reduce costs and improve the
scalability, Securebox is based on virtualized middleboxes provided by CSS. Our
proposal differs from the existing solutions by integrating the SDN and cloud
into a unified edge security solution, and by offering a collaborative
protection mechanism that enables rapid security policy dissemination across
all connected networks in mitigating new threats or attacks detected by the
system. We have implemented two Securebox prototypes, using a low-cost
Raspberry-PI and off-the-shelf fanless PC. Our system evaluation has shown that
Securebox can achieve automatic network security and be deployed incrementally
to the infrastructure with low management overhead
The Effect of IoT New Features on Security and Privacy: New Threats, Existing Solutions, and Challenges Yet to Be Solved
The future of Internet of Things (IoT) is already upon us. IoT applications
have been widely used in many field of social production and social living such
as healthcare, energy and industrial automation. While enjoying the convenience
and efficiency that IoT brings to us, new threats from IoT also have emerged.
There are increasing research works to ease these threats, but many problems
remain open. To better understand the essential reasons of new threats and the
challenges in current research, this survey first proposes the concept of "IoT
features". Then, the security and privacy effects of eight IoT new features
were discussed including the threats they cause, existing solutions and
challenges yet to be solved. To help researchers follow the up-to-date works in
this field, this paper finally illustrates the developing trend of IoT security
research and reveals how IoT features affect existing security research by
investigating most existing research works related to IoT security from 2013 to
2017
Internet of Things: An Overview
As technology proceeds and the number of smart devices continues to grow
substantially, need for ubiquitous context-aware platforms that support
interconnected, heterogeneous, and distributed network of devices has given
rise to what is referred today as Internet-of-Things. However, paving the path
for achieving aforementioned objectives and making the IoT paradigm more
tangible requires integration and convergence of different knowledge and
research domains, covering aspects from identification and communication to
resource discovery and service integration. Through this chapter, we aim to
highlight researches in topics including proposed architectures, security and
privacy, network communication means and protocols, and eventually conclude by
providing future directions and open challenges facing the IoT development.Comment: Keywords: Internet of Things; IoT; Web of Things; Cloud of Thing
Fog Computing in IoT Aided Smart Grid Transition- Requirements, Prospects, Status Quos and Challenges
Due to unfolded developments in both the IT sectors viz. Intelligent
Transportation and Information Technology contemporary Smart Grid (SG) systems
are leveraged with smart devices and entities. Such infrastructures when
bestowed with the Internet of Things (IoT) and sensor network make a universe
of objects active and online. The traditional cloud deployment succumbs to meet
the analytics and computational exigencies decentralized, dynamic cum
resource-time critical SG ecosystems. This paper synoptically inspects to what
extent the cloud computing utilities can satisfy the mission-critical
requirements of SG ecosystems and which subdomains and services call for fog
based computing archetypes. The objective of this work is to comprehend the
applicability of fog computing algorithms to interplay with the core centered
cloud computing support, thus enabling to come up with a new breed of real-time
and latency free SG services. The work also highlights the opportunities
brought by fog based SG deployments. Correspondingly, we also highlight the
challenges and research thrusts elucidated towards the viability of fog
computing for successful SG Transition.Comment: 13 Pages, 1 table, 1 Figur
Ethical Aspects of Internet of Things from Islamic Perspective
The Internet of Things (IoTs) is an evolving new face of technology that
provides state of the art services using ubiquitously connected smart objects.
These smart objects are capable of sensing, processing, collaborating,
communicating the events and provide services. The IoT is a collection of
heterogeneous technologies like Sensor, RFID, Communication and nanotechnology.
These technologies enable smart objects to identify objects, collect
information about their status,communicating the collected information for
taking some desired actions. Widespread adaptations of IoT based devices and
services raised the ethical challenges for their users. In this paper we
highlight ethical challenges raised by IoT and discuss the solutions and
methods for encouraging people to properly use these technologies according to
Islamic teachings.Comment: 4 pages, 3 figures, 9th IEEE-GCC Conference & Exhibition - 201
- …