CPS: Medium: Detecting and Controlling Unwanted Data Flows in the Internet of Things
Lead PI:
Nicholas Feamster
Co-PI:
Abstract
Many emerging Internet-connected devices are not personal computers. They are special-purpose commodity consumer electronic devices such as, for example, smart thermostats and smart door locks. Collectively, these devices are known as the Internet of Things (IoT). They are increasingly used in smart homes, smart cities, intelligent transportation systems, industrial networks and more. The promise of IoT is to improve the quality of everyday life and make society more productive. IoT devices however are not without technological and societal risk. The technological risk derives in part from software and security vulnerabilities. The vast diversity and number of IoT devices make overall consistency problematic and contribute to various inefficiencies. There are risks over the life cycle of some deployed IoT devices that their software may never be patched and their hardware never repaired; i.e., these devices will effectively remain vulnerable indefinitely. The societal risk derives in part from the massive data that is now possible to collect using IoT devices from most anywhere, which violate privacy norms. Moreover, compromised IoT devices might serve as a large-scale highly distributed platform to flood the Internet, disrupting many vital services for society. This project develops technologies that ensure that IoT deployments remain secure and protect user privacy in the face of the widespread deployment of connected smart devices. Network-based defenses against common attacks and device owners' ability to inspect, audit, control and share data are essential capabilities to mitigating technological and societal risks. This project focuses: (1) protecting the devices from vulnerabilities that are often introduced through the use of untrusted software libraries, (2) detecting when devices exhibit anomalous behavior that would suggest an unauthorized data leak or device compromise, relying on statistical anomaly detection of network traffic patterns, and (3) controlling unwanted data leaks and attacks in the network using network firewall rules, outputs from these anomaly detection systems, and software systems that let the owners of these devices inspect and determine the data sent and received. This project advances the theory and practice of network traffic analysis, anomaly detection, and secure segmentation of networks that ensure IoT deployments remain secure despite insecure connected devices.
Performance Period: 10/01/2018 - 09/30/2022
Institution: Princeton University
Sponsor: National Science Foundation
Award Number: 1739809