IoTSan: Fortifying the Safety of IoT Systems

Today's IoT systems include event-driven smart applications (apps) that interact with sensors and actuators. A problem specific to IoT systems is that buggy apps, unforeseen bad app interactions, or device/communication failures, can cause unsafe and dangerous physical states. Detecting flaws that lead to such states, requires a holistic view of installed apps, component devices, their configurations, and more importantly, how they interact. In this paper, we design IoTSan, a novel practical system that uses model checking as a building block to reveal "interaction-level" flaws by identifying events that can lead the system to unsafe states. In building IoTSan, we design novel techniques tailored to IoT systems, to alleviate the state explosion associated with model checking. IoTSan also automatically translates IoT apps into a format amenable to model checking. Finally, to understand the root cause of a detected vulnerability, we design an attribution mechanism to identify problematic and potentially malicious apps. We evaluate IoTSan on the Samsung SmartThings platform. From 76 manually configured systems, IoTSan detects 147 vulnerabilities. We also evaluate IoTSan with malicious SmartThings apps from a previous effort. IoTSan detects the potential safety violations and also effectively attributes these apps as malicious.Comment: Proc. of the 14th ACM CoNEXT, 201

Advanced Security Analysis for Emergent Software Platforms

Emergent software ecosystems, boomed by the advent of smartphones and the Internet of Things (IoT) platforms, are perpetually sophisticated, deployed into highly dynamic environments, and facilitating interactions across heterogeneous domains. Accordingly, assessing the security thereof is a pressing need, yet requires high levels of scalability and reliability to handle the dynamism involved in such volatile ecosystems. This dissertation seeks to enhance conventional security detection methods to cope with the emergent features of contemporary software ecosystems. In particular, it analyzes the security of Android and IoT ecosystems by developing rigorous vulnerability detection methods. A critical aspect of this work is the focus on detecting vulnerable and unsafe interactions between applications that share common components and devices. Contributions of this work include novel insights and methods for: (1) detecting vulnerable interactions between Android applications that leverage dynamic loading features for concealing the interactions; (2) identifying unsafe interactions between smart home applications by considering physical and cyber channels; (3) detecting malicious IoT applications that are developed to target numerous IoT devices; (4) detecting insecure patterns of emergent security APIs that are reused from open-source software. In all of the four research thrusts, we present thorough security analysis and extensive evaluations based on real-world applications. Our results demonstrate that the proposed detection mechanisms can efficiently and effectively detect vulnerabilities in contemporary software platforms. Advisers: Hamid Bagheri and Qiben Ya

Smart and Secure Cross-Device Apps for the Internet of Advanced Things

Today, cross-device communication and intelligent resource sharing among smart devices is limited and inflexible: Typically devices cooperate using fixed interfaces provided by custom-built applications, which users need to install manually. This is tedious, time consuming, bears security and privacy risks, and contrasts the idea of Internet of Things (IoT) where intelligent devices operate in concert to enrich the overall user experience by sharing resources and capabilities. We present Xapp, a context-aware service mobility framework for Android. Our goal is to enable users to securely distribute the functionality of applications to mutually untrusted smart devices, e.g., to enable a smartphone to use a nearby Android TV screen as a display for a video call, let a smartphone navigation app direct an autonomous vehicle, or let it use the vehicle for an object-recognition task rather than using a cloud service with the attendant privacy risks. We built a prototype for Android as the first step towards this goal. Our system is a set of extensions to the existing Remote-OSGi service platform, an emerging industry standard which unfortunately does not secure the communications between devices. This paper describes our proposal for the required security architecture. We designed and implemented an authentication protocol suite, where trust is bootstrapped using NFC for the sake of usability. On top of this we built a fine-grained access control system so that mutually mistrustful Xapp apps can be used simultaneously in the same neighborhood and even on the same devices. Hence, with Xapp users can run an Android app across multiple devices without having to install it on each of them individually. As proof of concept we present the implementation and evaluation of a video call app

Monitored

This book explores a central contradiction of 21st century economy and society: the more morally and politically unaccountable capitalism and capitalists are, the more accountable the mass majority of its subjects must become. The technocratic ideology and surveillance culture of our modern marketized societies hides a deeper reality of a free market that is unmanageable and a corporate elite whose actions cannot be traced let alone regulated. This work highlights the paradoxical way an often disjointed and unjustifiable modern neoliberalism persists through subjecting individuals and communities to a wide range of technical and ethical 'accounting' in all areas of contemporary life. These pervasive practices of monitoring and codifying everything and everyone mask how at its heart this system and its elites remain socially uncontrollable and ethically out of control