Professional Documents
Culture Documents
Bertino-IoT ICC2018
Bertino-IoT ICC2018
Bertino-IoT ICC2018
Internet of Things
Elisa Bertino
CS Department and Cyber2SLab
bertino@purdue.edu
The IoT – Wikipedia
• The Internet of Things (IoT) is the network of
physical objects or "things" embedding
electronics, software, and network connectivity,
which enables these objects to collect and
exchange data.
Diagram from Accenture “Driving the Unconventional Growth through the Industrial Internet of Things”, 2015,
downloaded from https://www.accenture.com/us-en/_acnmedia/Accenture/next-gen/reassembling-industry/pdf/Accenture-
Driving-Unconventional-Growth-through-IIoT.pdf
IoT – Privacy and Safety Risks
Privacy
• The toy collects information,
such as name and age, from
the child
• A human can ask information
to the toy and thus get
information about the child –
the device does not
authenticate the voice of the
individual asking the
information and thus
confidential data can be
extracted from the toy if lost or
unattended
• Insecure key management
Safety
• It is possible to inject malicious voice and thus ask the child
to do unsafe actions (e.g. open the door)
Slide based on paper by J.Valente and A. A. Cardenas. Security & Privacy of Smart Toys.
In 1st Workshop on Internet of Things Security and Privacy (IoTS&P ’17). ACM 2017.
Question:
React,
Prepare and Monitor and Diagnose and Recover and
Prevent Detect Understand Fix
nesCheck Kalis Fine-Grained Kinesis
• static analysis and • knowledge-driven • automated response
Analysis
dynamic instrumentation adaptable IDS for IoT system
• node- vs link-related
for nesC memory safety [ICDCS 2017] [ACM SenSys 2014]
[ASIACCS2017] packet dropping attacks
[ACM ToSN 2017]
Heimdall • interference location
OptAll [SECON 2014]
• security provisioning • whitelist-based [ACM ToSN 2016]
based on game theory anomaly detection • statistical model based
[ACM/IEEE IoTDI 2017] defense for IoT routers on variance
[ACM TOPS 2017] [IoT Journal 2017] [SP4SC (IEEE FiCloud’16)]
[ESORICS 2017]
LTEInspector
• systematic testing of
4G LTE
[NDSS 2018]
Heimdall
Monitor and Detect
D. Midi, A. Mudgerikar,
J. Habibi, E. Bertino
Mirai Botnet
• Whitelist-based approach
– Our analysis shows it is effective
• But… naïve design does not work
– Separation of learning and enforcement has
problems
• Profile pollution during learning
• Handling firmware updates
Defense Design
Experiment
durations
1 hr, 24 hrs, 1 week
Heimdall Latency
Heimdall Latency – RTV vs MT
August device
Future Research Directions
• Mobility-aware Fine-Grained Analysis
– Using 2-hop knowledge to construct geometric constraints w.r.t. fixed
system of coordinates
• Bring-Your-Own-IoT
– Enabling containerization and AC policies onto IoT and wearables
Any question?