Fear and Logging in the Internet of Things

Wang, Qi; Hassan, Wajih Ul; Bates, Adam; Gunter, Carl A.

doi:10.14722/ndss.2018.23282

Cited by 153 publications

(105 citation statements)

References 35 publications

Supporting

Mentioning

104

Contrasting

Order By: Relevance

“…ProvThings [46] provides data provenance to diagnose the trace and root cause of behavior. However, data provenance is useful only in forensic analysis after an attack.…”

Section: Related Workmentioning

confidence: 99%

“…The increasingly complex interdependencies between devices can easily allow for various attacks, because an adversary controlling one IoT device can now expand influence to more devices through such interdependencies. Unfortunately, attacks leveraging trigger-action rules are difficult to detect manually, as device owners may unintentionally provide access or reveal private information to unauthorized entities due to complex chain reactions [46]. This work presents an automated prevention system called SAFECHAIN which identifies exploitable trigger-action attack chains.…”

Section: Introductionmentioning

confidence: 99%

“…This work presents an automated prevention system called SAFECHAIN which identifies exploitable trigger-action attack chains. SAFECHAIN can thus work in conjunction with methods that support postmortem attack reconstruction from logs [46], methods that identify errors in individual rules [37], and methods that resolve conflicts between rules [30]- [33].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

SafeChain: Securing Trigger-Action Programming From Attack Chains

Hsu

Chiang

Hsiao

2019

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

The proliferation of Internet of Things (IoT) is reshaping our lifestyle. With IoT sensors and devices communicating with each other via the Internet, people can customize automation rules to meet their needs. Unless carefully defined, however, such rules can easily become points of security failure as the number of devices and complexity of rules increase. Device owners may end up unintentionally providing access or revealing private information to unauthorized entities due to complex chain reactions among devices. Prior work on trigger-action programming either focuses on conflict resolution or usability issues, or fails to accurately and efficiently detect such attack chains. This paper explores security vulnerabilities when users have the freedom to customize automation rules using triggeraction programming. We define two broad classes of attackprivilege escalation and privacy leakage -and present a practical model-checking-based system called SAFECHAIN that detects hidden attack chains exploiting the combination of rules. Built upon existing model-checking techniques, SAFECHAIN identifies attack chains by modeling the IoT ecosystem as a Finite State Machine. To improve practicability, SAFECHAIN avoids the need to accurately model an environment by frequently rechecking the automation rules given the current states, and employs rule-aware optimizations to further reduce overhead. Our comparative analysis shows that SAFECHAIN can efficiently and accurately identify attack chains, and our prototype implementation of SAFECHAIN can verify 100 rules in less than one second with no false positives.

show abstract

“…ProvThings [46] provides data provenance to diagnose the trace and root cause of behavior. However, data provenance is useful only in forensic analysis after an attack.…”

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

SafeChain: Securing Trigger-Action Programming From Attack Chains

Hsu

Chiang

Hsiao

2019

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

show abstract

“…Finally, prior work has proposed novel access control enhancements, which may alleviate some of the concerns raised in this paper. ProvThings [54] provides provenance information that may allow the user to piece together evidence of some of the attacks described in this paper, but does not prevent the attacks themselves. On the contrary, ContextIoT [19] provides users with runtime prompts describing the context of sensitive data accesses, which may alert users to unintended execution of routines (F 4 ), at the cost of reducing automation.…”

Section: Related Workmentioning

confidence: 99%

A Study of Data Store-based Home Automation

Kafle

Moran

Manandhar

et al. 2019

Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy

View full text Add to dashboard Cite

Home automation platforms provide a new level of convenience by enabling consumers to automate various aspects of physical objects in their homes. While the convenience is beneficial, security flaws in the platforms or integrated third-party products can have serious consequences for the integrity of a user's physical environment. In this paper we perform a systematic security evaluation of two popular smart home platforms, Google's Nest platform and Philips Hue, that implement home automation "routines" (i.e., trigger-action programs involving apps and devices) via manipulation of state variables in a centralized data store. Our semi-automated analysis examines, among other things, platform access control enforcement, the rigor of non-system enforcement procedures, and the potential for misuse of routines. This analysis results in ten key findings with serious security implications. For instance, we demonstrate the potential for the misuse of smart home routines in the Nest platform to perform a lateral privilege escalation, illustrate how Nest's product review system is ineffective at preventing multiple stages of this attack that it examines, and demonstrate how emerging platforms may fail to provide even bare-minimum security by allowing apps to arbitrarily add/remove other apps from the user's smart home. Our findings draw attention to the unique security challenges of platforms that execute routines via centralized data stores, and highlight the importance of enforcing security by design in emerging home automation platforms.

show abstract

“…Our approach is complete in expressing the causality and dependencies among the data objects through the provenance graph. Another notable work in this area is ProvThings [26] where a provenance collection framework is proposed for IoT apps and devices. ProvThings presents an automated instrumentation mechanism for IoT apps and device APIs.…”

Section: Related Workmentioning

confidence: 99%

Detecting Safety and Security Faults in PLC Systems with Data Provenance

Farooq

Marquard

George

et al. 2019

2019 IEEE International Symposium on Technologies for Homeland Security (HST)

View full text Add to dashboard Cite

Programmable Logic Controllers are an integral component for managing many different industrial processes (e.g., smart building management, power generation, water and wastewater management, and traffic control systems), and manufacturing and control industries (e.g., oil and natural gas, chemical, pharmaceutical, pulp and paper, food and beverage, automotive, and aerospace). Despite being used widely in many critical infrastructures, PLCs use protocols which make these control systems vulnerable to many common attacks, including man-in-the-middle attacks, denial of service attacks, and memory corruption attacks (e.g., array, stack, and heap overflows, integer overflows, and pointer corruption). In this paper, we propose PLC-PROV, a system for tracking the inputs and outputs of the control system to detect violations in the safety and security policies of the system. We consider a smart building as an example of a PLC-based system and show how PLC-PROV can be applied to ensure that the inputs and outputs are consistent with the intended safety and security policies.

show abstract

Fear and Logging in the Internet of Things

Cited by 153 publications

References 35 publications

SafeChain: Securing Trigger-Action Programming From Attack Chains

SafeChain: Securing Trigger-Action Programming From Attack Chains

A Study of Data Store-based Home Automation

Detecting Safety and Security Faults in PLC Systems with Data Provenance

Contact Info

Product

Resources

About