Initial trust establishment for personal space IoT systems

University of Technology Sydney. Faculty of Engineering and Information Technology.Internet of Things (IoT) is becoming a reality with innovative applications, and IoT platforms have been developed to transfer technologies from research to business solutions. With IoT applications, we have greater control over personal devices and achieve more insights into the resource consumption habits; business processes can be streamlined; people are also better connected to each other. Despite the benefits derived from the IoT systems, users are concerned about the trustworthiness of their collected data and offered services. Security controls can prevent user’s data from being compromised during transmission, storage or unauthorized access, but do not provide a guarantee against the misbehaved devices that report incorrect information and poor services or avoid conducting a common task. Establishing trust relationship among devices and continuously monitoring their trust is the key to guarantee a reliable IoT system and hence mitigate user’s concerns. In this dissertation, we propose and investigate a novel initial trust establishment architecture for personal space IoT systems. In the initial trust establishment architecture, we propose a trust evidence generation module based on a challenge-response mechanism to generate the trust evidence relying on the device’s responses to the challenges, a trust knowledge assessment module to obtain the knowledge about the device from the generated trust evidence, and a trust evaluation scheme to quantify the initial trust level of the devices. We design and investigate a challenge-response information design to determine feasible designs of the challenge-response mechanism that ensure meaningful and related trust knowledge about the device’s trustworthiness captured from the challenge-response operations. A new trust-aware communication protocol is designed and implemented by incorporating the proposed initial trust establishment architecture into existing Bluetooth Low Energy (BLE) protocol to demonstrate the feasibility and efficiency of the proposed initial trust establishment architecture in practice. In this work, we first study building blocks and possible architectures of the IoT and analyze key requirements of an IoT system. Based on the analysis, we identify the critical role of the initial trust establishment model and the challenges of establishing initial trust in IoT systems due to the lack of knowledge for the trust assessment to work. To address the challenges, we propose a novel initial trust establishment architecture that can generate trust evidence for assessing the initial trust level of new devices by conducting challenge-response operations within a limited time window before they are admitted to the system. We propose three new initial trust establishment models based on the proposed architecture. An implicit relationship between the responses and the challenges is assumed for the system to judge the initial trustworthiness of the devices. The first model assesses the initial trust value based on a probability associated with the device’s behavior captured from the challenge-response process. The second model investigates the initial trust value based on a binary outcome set, and the third model quantifies the initial trust level based on a multiple-component outcome set from the challenge-response process. Subsequently, we propose the challenge-response information design where the challenge-response process is investigated and designed to determine the information space of the challenger’s view on its environment so that the challenge can invite relevant responses from the target environment. Based on the design of the challenge-response mechanism, the system can capture meaningful trust knowledge about the devices from challenge-response operations at their admission phase. We finally design and implement the initial trust-aware BLE protocol which incorporates the proposed initial trust establishment architecture into the existing BLE protocol. The simulation results show the efficiency, feasibility, and dependability of using initial trust-aware BLE protocol for building a trustworthy personal space IoT systems. The novelty of this research lies in assessing the devices’ initial trust level within a limited time window, before their admission to the personal space IoT system, without requiring prior experience or recommendations. The major contribution of this thesis is that it helps the IoT business solution providers to build secure and trustworthy IoT systems by admitting dependable devices, monitoring the trust of admitted devices, detecting maligned devices, and building long-term trust among. As a result, it mitigates the user’s concerns about the trustworthiness of IoT systems and encourages broader adoption of IoT applications

LIPSTICK: Corruptibility-Aware and Explainable Graph Neural Network-based Oracle-Less Attack on Logic Locking

In a zero-trust fabless paradigm, designers are increasingly concerned about hardware-based attacks on the semiconductor supply chain. Logic locking is a design-for-trust method that adds extra key-controlled gates in the circuits to prevent hardware intellectual property theft and overproduction. While attackers have traditionally relied on an oracle to attack logic-locked circuits, machine learning attacks have shown the ability to retrieve the secret key even without access to an oracle. In this paper, we first examine the limitations of state-of-the-art machine learning attacks and argue that the use of key hamming distance as the sole model-guiding structural metric is not always useful. Then, we develop, train, and test a corruptibility-aware graph neural network-based oracle-less attack on logic locking that takes into consideration both the structure and the behavior of the circuits. Our model is explainable in the sense that we analyze what the machine learning model has interpreted in the training process and how it can perform a successful attack. Chip designers may find this information beneficial in securing their designs while avoiding incremental fixes.Comment: Proceedings of 29th Asia and South Pacific Design Automation Conference (ASP-DAC 2024

HOW DOES AWARENESS OF TASK CONFLICT MOTIVATE WIKI-BASED COLLABORATIVE LEARNING? A DESIGN SCIENCE APPROACH

Lack of motivation is a serious problem in wiki-based collaboration process. The original wiki is designed to hide authorship information. Such design may hinder users from being aware of task conflict, resulting in undesired outcomes (e.g., lack of motivation, and suppressed knowledge exchange activities). This research-in-progress tries to motivate students to participate in wiki-based collaborative learning project by increasing awareness of task conflict. Two tools were proposed to solve problems caused by lack of task conflict clues, such as low level of motivation, content trust, knowledge exchange, and sense of audience. A field test was executed to evaluate new designs. We propose to invite active participants from the field test and use focus group interview to explain how awareness of task conflict motivates participation in collaborative learning. This research-inprogress has the potential to lead to various theoretical and practical implications. For example, the results will enhance the literature on task conflict and user motivation, help platforms design motivation mechanisms

A flexible architecture for privacy-aware trust management

In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS3 TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.\u