Essay sample

Program Analysis of Commodity IoT Applications for Security and Privacy: Challenges and Opportunities

Free ideas for

Recent advances in Internet of Things (IoT) have enabled myriad domains such as smart homes, personal monitoring devices, and enhanced manufacturing. IoT is now pervasive---new applications are being used in nearly every conceivable environment, which leads to the adoption of device-based interaction and automation. However, IoT has also raised issues about the security and privacy of these digitally augmented spaces

Program analysis is crucial in identifying those issues, yet the application and scope of program analysis in IoT remains largely unexplored by the technical community.

Free ideas for

The introduction of IoT devices into public and private spaces has changed the way we live. Forexample, home applications that integrate smart locks, thermostats, switches, surveillance systems,and appliances allow users to monitor and interact with their living spaces from anywhere. Whileindustry and users alike have embraced IoT, concerns have been raised about the security andprivacy of digitally augmented spaces. IoT environments necessarily have access tofunctions that, if abused, would put user security at risk, e.g., unlock doors when the user is notat home or create unsafe conditions by turning off the heat in cold weather. In addition,these networked systems have access to private data that, if leaked, would cause privacy issues,e.g., information about when the user sleeps or who and when others are at home. While thematically similar to program analysis in mobile apps and other domains, from our studyof five major IoT programming platforms (Samsung’s SmartThings, Apple’s HomeKit, OpenHAB,Amazon AWS IoT, and Android Things), we have found that IoT programming platforms presentunique characteristics and challenges in program analysis when compared to other platforms.First, in the case of Android, a well-defined intermediate representation (IR) is available, and analysiscan directly analyze IR code. However, IoT programming platforms are diverse, and each uses itsown programming language

Second, IoT integrates physical processes with digital connectivitythrough a diverse set of devices, each of which has a different set of internal device states (e.g., doorlocked/unlocked); thus identifying security and privacy issues through these physical states is quitesubtle.

Free ideas for

Because IoT apps are exposed to a myriad of sensitive data from sensors and devices connected to the hub, one of the chief criticisms of modern IoT systems is that the existing commercial frameworks lack basic tools and services for analyzing what they do with that information– i.e., application privacy [Zeng E., Mare, 2017]. SmartThings, OpenHAB, Apple’s HomeKit provide guidelines and policies for regulating security [Sikder, A. K., Aksu], and related markets provide a degree of internal (hand) vetting of the applications prior to distribution [Xu, T., Wendt, J. B.]. However, tools for evaluating privacy risks in IoT implementations is at this time largely non-existent. What is needed is a suite of analysis tools and techniques targeted to IoT platforms that can identify privacy concerns in IoT apps. This work seeks to explore formally grounded methods and tools for characterizing the use of sensitive data, and identifying the sensitive data flows in IoT implementations. It is important to note that the code analysis identifies potential flows of sensitive data. What the user does with a discovered sensitive data flow is outside the scope of SAINT.

Free ideas for

In summary, recent advances in Internet of Things (IoT) have enabled myriad domains such as smart homes, personal monitoring devices, and enhanced manufacturing. IoT is now pervasive—new applications are being used in nearly every conceivable environment, which leads to the adoption of device-based interaction and automation

However, IoT has also raised issues about the security and privacy of these digitally augmented spaces. Program analysis is crucial in identifying those issues, yet the application and scope of program analysis in IoT remains largely unexplored by the technical community.

Free ideas for

Wang, Q., Hassan, W. U. Fear and logging in the internet of things. In NDSS (2018).

Xu, T., WEendt, J. B. K, M. Security of IoT Systems: Design Challenges and Opportunities. In IEEE Computer-Aided Design (2014).

Yang Y., Et AL. A survey on Security and Privacy Issues in Internet-of-Things. IEEE Internet of Things Journal (2017).

Zeng, E., Mare, S. End User Security & Privacy Concerns with Smart Homes. In USENIX SOUPS (2017)

Sikder, A. K., Aksu, H. 6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices. In USENIX Security (2017).

Was this essay example useful for you?

Do you need extra help?

Order unique essay written for you
ORDER NOW
599
Words
5
References
essay statistic graph
Topic Popularity
ORDER ESSAY