EAGER: USBRCCR: Collaborative: Lightweight Policy Enforcement of Information Flows in IoT Infrastructures

EAGER：USBRCCR：协作：物联网基础设施中信息流的轻量级策略执行

• 批准号: 1740897
• 负责人: Atul Prakash
• 金额: $ 16.37万
• 依托单位: Regents of the University of Michigan - Ann Arbor
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-09-01 至 2020-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1740897&HistoricalAwards=false
• 关键词: EAGER; USBRCCR; Collaborative; Lightweight; Policy

As Internet of Things (IoT) systems become deployed more widely, their security is becoming a serious concern in many domains, including smart homes, autonomous cars, or industrial control systems. Security exploits in IoT systems can lead to loss of privacy, data theft, financial losses, and even physical harm. The proposed work will develop a novel approach to harden security of IoT systems via cross-layer defense. The approach will be developed and evaluated in collaboration among three participating institutions in the US and Brazil. The project aims to provide technical foundations to harden the defense against several types of security attacks in IoT systems, and the project will also create broader impact through dissemination of results and education efforts.More technically, the proposed approach considers cross-layer defense at IoT app layer, network layer, and devices. The central concept is flow policies: the proposed work extracts flow policies from IoT apps, and then uses these policies to enforce desired flows and to detect violations at both the device and network layers. In contrast to general-purpose applications, the flows in IoT apps are expected to be often predictable and expressive enough to capture important properties such that detected flow violations indicate real problems and not false alarms. If policies are indeed found to be expressive enough, and checking them is lightweight in IoT systems, the approach will provide substantial benefits to improve defense of IoT systems in practice.

随着物联网 (IoT) 系统的部署越来越广泛，其安全性正成为许多领域的严重问题，包括智能家居、自动驾驶汽车或工业控制系统。 物联网系统中的安全漏洞可能会导致隐私丢失、数据被盗、财务损失，甚至人身伤害。 拟议的工作将开发一种新方法，通过跨层防御来强化物联网系统的安全性。 该方法将由美国和巴西的三个参与机构合作开发和评估。 该项目旨在为加强物联网系统中多种类型安全攻击的防御提供技术基础，该项目还将通过成果传播和教育工作产生更广泛的影响。从技术上讲，所提出的方法考虑了物联网的跨层防御应用层、网络层和设备。 核心概念是流量策略：所提出的工作从物联网应用程序中提取流量策略，然后使用这些策略来强制执行所需的流量并检测设备和网络层的违规行为。与通用应用程序相比，物联网应用程序中的流通常应具有足够的可预测性和表现力，以捕获重要属性，以便检测到的流违规表明真正的问题而不是错误警报。 如果策略确实具有足够的表达能力，并且在物联网系统中检查它们是轻量级的，那么该方法将为在实践中改善物联网系统的防御提供巨大的好处。

项目成果

Securing IoT Apps with Fine-grained Control of Information Flows

通过信息流的细粒度控制来保护物联网应用程序

• 发表时间: 2018-01
• 期刊: Brazil
• 作者: Davino Mauro Junior; Kiev Gama
• 通讯作者: Kiev Gama

Robust Physical-World Attacks on Deep Learning Visual Classification

对深度学习视觉分类的强大物理世界攻击

• 发表时间: 2018-06
• 期刊: The IEEE Conference on Computer Vision and Pattern Recognition (CVPR
• 作者: Eykholt, Kevin;Evtimov, Ivan;Fernandes, Earlence;Li, Bo;Rahmati, Amir;Xiao, Chaowei;Prakash, Atul;Kohno, Tadayoshi;Song, Dawn
• 通讯作者: Song, Dawn

Tyche: A Risk-Based Permission Model for Smart Homes

Tyche：智能家居基于风险的权限模型

• DOI: 10.1109/secdev.2018.00012
• 发表时间: 2018-09
• 期刊: 2018 IEEE Cybersecurity Development (SecDev
• 作者: Rahmati, Amir;Fernandes, Earlence;Eykholt, Kevin;Prakash, Atul
• 通讯作者: Prakash, Atul

Securing IoT Apps with Fine-grained Control of Information Flows

通过信息流的细粒度控制来保护物联网应用程序

• 发表时间: 2018-01
• 期刊: XVIII Brazilian Symposium On Information and Computational Systems Security
• 作者: Mauro Junior, Davino;Gama, Kiev;Prakash, Atul
• 通讯作者: Prakash, Atul

A Study of Vulnerability Analysis of Popular Smart Devices Through Their Companion Apps

通过其配套应用程序对流行智能设备进行漏洞分析的研究

• DOI: 10.1109/spw.2019.00042
• 发表时间: 2019-05
• 期刊: 2019 IEEE Security and Privacy Workshops (SPW
• 作者: Mauro Junior, Davino;Melo, Luis;Lu, Hao;d'Amorim, Marcelo;Prakash, Atul
• 通讯作者: Prakash, Atul