1.
Nazli Tekin, Ahmet Aris, Abbas Acar, Selcuk Uluagac, Vehbi Cagri Gungor
A review of on-device machine learning for IoT: An energy perspective Journal Article
Elsevier Ad Hoc Networks Journal, 2024.
Abstract | Links | BibTeX | Tags: IoT Security
@article{TEKIN2024103348,
title = {A review of on-device machine learning for IoT: An energy perspective},
author = {Nazli Tekin and Ahmet Aris and Abbas Acar and Selcuk Uluagac and Vehbi Cagri Gungor},
url = {https://www.sciencedirect.com/science/article/pii/S1570870523002688},
year = {2024},
date = {2024-01-01},
urldate = {2024-01-01},
journal = { Elsevier Ad Hoc Networks Journal},
abstract = {Recently, there has been a substantial interest in on-device Machine Learning (ML) models to provide intelligence for the Internet of Things (IoT) applications such as image classification, human activity recognition, and anomaly detection. Traditionally, ML models are deployed in the cloud or centralized servers to take advantage of their abundant computational resources. However, sharing data with the cloud and third parties degrades privacy and may cause propagation delay in the network due to a large amount of transmitted data impacting the performance of real-time applications. To this end, deploying ML models on-device (i.e., on IoT devices), in which data does not need to be transmitted, becomes imperative. However, deploying and running ML models on already resource-constrained IoT devices is challenging and requires intense energy consumption. Numerous works have been proposed in the literature to address this issue. Although there are considerable works that discuss energy-aware ML approaches for on-device implementation, there remains a gap in the literature on a comprehensive review of this subject. In this paper, we provide a review of existing studies focusing on-device ML models for IoT applications in terms of energy consumption. One of the key contributions of this study is to introduce a taxonomy to define approaches for employing energy-aware on-device ML models on IoT devices in the literature. Based on our review in this paper, our key findings are provided and the open issues that can be investigated further by other researchers are discussed. We believe that this study will be a reference for practitioners and researchers who want to employ energy-aware on-device ML models for IoT applications.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
Recently, there has been a substantial interest in on-device Machine Learning (ML) models to provide intelligence for the Internet of Things (IoT) applications such as image classification, human activity recognition, and anomaly detection. Traditionally, ML models are deployed in the cloud or centralized servers to take advantage of their abundant computational resources. However, sharing data with the cloud and third parties degrades privacy and may cause propagation delay in the network due to a large amount of transmitted data impacting the performance of real-time applications. To this end, deploying ML models on-device (i.e., on IoT devices), in which data does not need to be transmitted, becomes imperative. However, deploying and running ML models on already resource-constrained IoT devices is challenging and requires intense energy consumption. Numerous works have been proposed in the literature to address this issue. Although there are considerable works that discuss energy-aware ML approaches for on-device implementation, there remains a gap in the literature on a comprehensive review of this subject. In this paper, we provide a review of existing studies focusing on-device ML models for IoT applications in terms of energy consumption. One of the key contributions of this study is to introduce a taxonomy to define approaches for employing energy-aware on-device ML models on IoT devices in the literature. Based on our review in this paper, our key findings are provided and the open issues that can be investigated further by other researchers are discussed. We believe that this study will be a reference for practitioners and researchers who want to employ energy-aware on-device ML models for IoT applications.
2.
Luis Puche Rondon, Leonardo Babun, Ahmet Aris, Kemal Akkaya, A. Selcuk Uluagac
LGuard: Securing Enterprise-IoT Systems against Serial-Based Attacks via Proprietary Communication Buses Journal Article
ACM Digital Threats: Research and Practice Journal, 2023.
Abstract | Links | BibTeX | Tags: Enterprise Security, IoT Security
@article{PucheIoT,
title = {LGuard: Securing Enterprise-IoT Systems against Serial-Based Attacks via Proprietary Communication Buses},
author = {Luis Puche Rondon and Leonardo Babun and Ahmet Aris and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3555721},
year = {2023},
date = {2023-03-01},
urldate = {2023-03-01},
journal = {ACM Digital Threats: Research and Practice Journal},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
abstract = {Enterprise Internet of Things (E-IoT) systems allow users to control audio, video, scheduled events, lightning fixtures, door access, and relays in complex smart installations. These systems are widely used in government or smart private offices, smart buildings/homes, conference rooms, schools, hotels, and similar professional settings. However, even with their widespread use, the security of many E-IoT systems and components has not been researched in the literature. To address this research gap, we focus on E-IoT communication buses, one of the core components used to connect E-IoT devices, and introduce LightningStrike attacks that demonstrate several weaknesses with E-IoT proprietary communication protocols used in E-IoT communication buses. Specifically, we show that popular E-IoT proprietary communication protocols are susceptible to Denial-of-Service (DoS), eavesdropping, impersonation, and replay attacks. As such threats cannot be mitigated through traditional defense mechanisms due to the limitations posed by E-IoT, we propose LGuard, a defense system to protect E-IoT systems against the attacks over communication buses. LGuard uses closed-circuit television footage and computer vision techniques to detect replay attacks. For impersonation and DoS attacks, LGuard utilizes traffic analysis. Finally, LGuard obfuscates the E-IoT traffic via inserting redundant traffic to the bus against eavesdropping attacks. We evaluated the performance of LGuard in a realistic E-IoT deployment, and our detailed evaluations show that LGuard achieves an overall accuracy and precision of 99% in detecting DoS, impersonation, and replay attacks while effectively increasing the difficulty of extracting valuable information for eavesdroppers. In addition, LGuard does not incur any operational overhead or modification to the existing E-IoT system.},
keywords = {Enterprise Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Enterprise Internet of Things (E-IoT) systems allow users to control audio, video, scheduled events, lightning fixtures, door access, and relays in complex smart installations. These systems are widely used in government or smart private offices, smart buildings/homes, conference rooms, schools, hotels, and similar professional settings. However, even with their widespread use, the security of many E-IoT systems and components has not been researched in the literature. To address this research gap, we focus on E-IoT communication buses, one of the core components used to connect E-IoT devices, and introduce LightningStrike attacks that demonstrate several weaknesses with E-IoT proprietary communication protocols used in E-IoT communication buses. Specifically, we show that popular E-IoT proprietary communication protocols are susceptible to Denial-of-Service (DoS), eavesdropping, impersonation, and replay attacks. As such threats cannot be mitigated through traditional defense mechanisms due to the limitations posed by E-IoT, we propose LGuard, a defense system to protect E-IoT systems against the attacks over communication buses. LGuard uses closed-circuit television footage and computer vision techniques to detect replay attacks. For impersonation and DoS attacks, LGuard utilizes traffic analysis. Finally, LGuard obfuscates the E-IoT traffic via inserting redundant traffic to the bus against eavesdropping attacks. We evaluated the performance of LGuard in a realistic E-IoT deployment, and our detailed evaluations show that LGuard achieves an overall accuracy and precision of 99% in detecting DoS, impersonation, and replay attacks while effectively increasing the difficulty of extracting valuable information for eavesdroppers. In addition, LGuard does not incur any operational overhead or modification to the existing E-IoT system.
3.
Nazli Tekin, Abbas Acar, Ahmet Aris, A. Selcuk Uluagac, Vehbi Cagri Gungor
Energy consumption of on-device machine learning models for IoT intrusion detection Journal Article
Elsevier Internet of Things Journal, 2023.
Abstract | Links | BibTeX | Tags: IoT Security, Machine Learning Security
@article{TekinEnergyConsumption,
title = {Energy consumption of on-device machine learning models for IoT intrusion detection},
author = {Nazli Tekin and Abbas Acar and Ahmet Aris and A. Selcuk Uluagac and Vehbi Cagri Gungor},
url = {https://www.sciencedirect.com/science/article/pii/S2542660522001512},
year = {2023},
date = {2023-01-01},
urldate = {2023-01-01},
journal = {Elsevier Internet of Things Journal},
abstract = {Recently, Smart Home Systems (SHSs) have gained enormous popularity with the rapid
development of the Internet of Things (IoT) technologies. Besides offering many tangible
benefits, SHSs are vulnerable to attacks that lead to security and privacy concerns for SHS
users. Machine learning (ML)-based Intrusion Detection Systems (IDS) are proposed to address
such concerns. Conventionally, ML models are trained and tested on computationally powerful
platforms such as cloud services. Nevertheless, the data shared with the cloud is vulnerable to
privacy attacks and causes latency, which decreases the performance of real-time applications
like intrusion detection systems. Therefore, on-device ML models, in which the user data is kept
locally, have emerged as promising solutions to ensure the security and privacy of the data for
real-time applications. However, performing ML tasks requires high energy consumption. To
the best of our knowledge, no study has been conducted to analyze the energy consumption
of ML-based IDS. Therefore, in this paper, we perform a comparative analysis of on-device
ML algorithms in terms of energy consumption for IoT intrusion detection applications. For
a thorough analysis, we study the training and inference phases separately. For training, we
compare the cloud computing-based ML, edge computing-based ML, and IoT device-based ML
approaches. For the inference, we evaluate the TinyML approach to run the ML algorithms on
tiny IoT devices such as Micro Controller Units (MCUs). Comparative performance evaluations
show that deploying the Decision Tree (DT) algorithm on-device gives better results in terms
of training time, inference time, and power consumption.},
keywords = {IoT Security, Machine Learning Security},
pubstate = {published},
tppubtype = {article}
}
Recently, Smart Home Systems (SHSs) have gained enormous popularity with the rapid
development of the Internet of Things (IoT) technologies. Besides offering many tangible
benefits, SHSs are vulnerable to attacks that lead to security and privacy concerns for SHS
users. Machine learning (ML)-based Intrusion Detection Systems (IDS) are proposed to address
such concerns. Conventionally, ML models are trained and tested on computationally powerful
platforms such as cloud services. Nevertheless, the data shared with the cloud is vulnerable to
privacy attacks and causes latency, which decreases the performance of real-time applications
like intrusion detection systems. Therefore, on-device ML models, in which the user data is kept
locally, have emerged as promising solutions to ensure the security and privacy of the data for
real-time applications. However, performing ML tasks requires high energy consumption. To
the best of our knowledge, no study has been conducted to analyze the energy consumption
of ML-based IDS. Therefore, in this paper, we perform a comparative analysis of on-device
ML algorithms in terms of energy consumption for IoT intrusion detection applications. For
a thorough analysis, we study the training and inference phases separately. For training, we
compare the cloud computing-based ML, edge computing-based ML, and IoT device-based ML
approaches. For the inference, we evaluate the TinyML approach to run the ML algorithms on
tiny IoT devices such as Micro Controller Units (MCUs). Comparative performance evaluations
show that deploying the Decision Tree (DT) algorithm on-device gives better results in terms
of training time, inference time, and power consumption.
development of the Internet of Things (IoT) technologies. Besides offering many tangible
benefits, SHSs are vulnerable to attacks that lead to security and privacy concerns for SHS
users. Machine learning (ML)-based Intrusion Detection Systems (IDS) are proposed to address
such concerns. Conventionally, ML models are trained and tested on computationally powerful
platforms such as cloud services. Nevertheless, the data shared with the cloud is vulnerable to
privacy attacks and causes latency, which decreases the performance of real-time applications
like intrusion detection systems. Therefore, on-device ML models, in which the user data is kept
locally, have emerged as promising solutions to ensure the security and privacy of the data for
real-time applications. However, performing ML tasks requires high energy consumption. To
the best of our knowledge, no study has been conducted to analyze the energy consumption
of ML-based IDS. Therefore, in this paper, we perform a comparative analysis of on-device
ML algorithms in terms of energy consumption for IoT intrusion detection applications. For
a thorough analysis, we study the training and inference phases separately. For training, we
compare the cloud computing-based ML, edge computing-based ML, and IoT device-based ML
approaches. For the inference, we evaluate the TinyML approach to run the ML algorithms on
tiny IoT devices such as Micro Controller Units (MCUs). Comparative performance evaluations
show that deploying the Decision Tree (DT) algorithm on-device gives better results in terms
of training time, inference time, and power consumption.
4.
Luis Puche Rondon, Leonardo Babun, Ahmet Aris, Kemal Akkaya, Selcuk Uluagac
Ivycide: Smart Intrusion Detection System Against E-IoT Driver Threats Journal Article
IEEE Internet of Things Journal, 2023.
Abstract | Links | BibTeX | Tags: Enterprise Security, IoT Security
@article{LuisiVYCIDE,
title = {Ivycide: Smart Intrusion Detection System Against E-IoT Driver Threats},
author = {Luis Puche Rondon and Leonardo Babun and Ahmet Aris and Kemal Akkaya and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/9849838},
year = {2023},
date = {2023-01-01},
urldate = {2023-01-01},
journal = {IEEE Internet of Things Journal},
abstract = {The rise of Internet of Things (IoT) devices has led to the proliferation of smart environments worldwide. Although commodity IoT devices are employed by ordinary end users, complex environments, such as smart buildings, government, or private offices, or conference rooms require customized and highly reliable IoT solutions. Enterprise IoT (E-IoT) connect such environments to the Internet and are professionally managed solutions usually offered by dedicated vendors As E-IoT systems require specialized training, closed-source software, and proprietary equipment to deploy. In effect, E-IoT systems present an unprecedented, under-researched, and unexplored threat vector for an attacker. In this work, we focus on E-IoT drivers, software modules used to integrate devices into E-IoT systems, as an attack mechanism. We first present PoisonIvy, a series of generalized proof-of-concept attacks used to demonstrate that an attacker can use a malicious driver to perform denial-of-service attacks, gain remote control, and abuse E-IoT system resources. To defend against E-IoT driver-based threats, we introduce Ivycide, a novel intrusion detection system used to detect unexpected E-IoT network traffic from an E-IoT system. Ivycide operates as a passive monitoring system within an E-IoT system using machine learning and signature-based classification to detect Poisonivy attacks. We evaluated the performance of Ivycide in a realistic E-IoT deployment. Our detailed evaluation results show that Ivycide achieves an average accuracy of 97% in classifying the type of Poisonivy attack and operates without modifications or operational overhead to the existing E-IoT systems.},
keywords = {Enterprise Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
The rise of Internet of Things (IoT) devices has led to the proliferation of smart environments worldwide. Although commodity IoT devices are employed by ordinary end users, complex environments, such as smart buildings, government, or private offices, or conference rooms require customized and highly reliable IoT solutions. Enterprise IoT (E-IoT) connect such environments to the Internet and are professionally managed solutions usually offered by dedicated vendors As E-IoT systems require specialized training, closed-source software, and proprietary equipment to deploy. In effect, E-IoT systems present an unprecedented, under-researched, and unexplored threat vector for an attacker. In this work, we focus on E-IoT drivers, software modules used to integrate devices into E-IoT systems, as an attack mechanism. We first present PoisonIvy, a series of generalized proof-of-concept attacks used to demonstrate that an attacker can use a malicious driver to perform denial-of-service attacks, gain remote control, and abuse E-IoT system resources. To defend against E-IoT driver-based threats, we introduce Ivycide, a novel intrusion detection system used to detect unexpected E-IoT network traffic from an E-IoT system. Ivycide operates as a passive monitoring system within an E-IoT system using machine learning and signature-based classification to detect Poisonivy attacks. We evaluated the performance of Ivycide in a realistic E-IoT deployment. Our detailed evaluation results show that Ivycide achieves an average accuracy of 97% in classifying the type of Poisonivy attack and operates without modifications or operational overhead to the existing E-IoT systems.
5.
Leonardo Babun, Amit Kumar Sikder, Abbas Acar, A. Selcuk Uluagac
The Truth Shall Set Thee Free: Enabling Practical Forensic Capabilities in Smart Environments Conference Paper
In the Proceedings of the 30th Network and Distributed System Security Symposium (NDSS), 2022.
Abstract | Links | BibTeX | Tags: Forensics, IoT Security
@conference{babun2022truth,
title = {The Truth Shall Set Thee Free: Enabling Practical Forensic Capabilities in Smart Environments},
author = {Leonardo Babun and Amit Kumar Sikder and Abbas Acar and A. Selcuk Uluagac},
url = {https://www.ndss-symposium.org/wp-content/uploads/2022-133-paper.pdf},
year = {2022},
date = {2022-04-01},
urldate = {2022-04-01},
booktitle = {In the Proceedings of the 30th Network and Distributed System Security Symposium (NDSS)},
abstract = {In smart environments such as smart homes and offices, the interaction between devices, users, and apps generate abundant data. Such data contain valuable forensic information about events and activities occurring in the smart environment. Nonetheless, current smart platforms do not provide any digital forensic capability to identify, trace, store, and analyze the data produced in these environments. To fill this gap, in this paper, we introduce VERITAS, a novel and practical digital forensic capability for the smart environment. VERITAS has two main components: Collector and Analyzer. The Collector implements mechanisms to automatically collect forensically-relevant data from the smart environment. Then, in the event of a forensic investigation, the Analyzer uses a First Order Markov Chain model to extract valuable and usable forensic information from the collected data. VERITAS then uses the forensic information to infer activities and behaviors from users, devices, and apps that violate the security policies defined for the environment. We implemented and tested VERITAS in a realistic smart office environment with 22 smart devices and sensors that generated 84209 forensically-valuable incidents. The evaluation shows that VERITAS achieves over 95 percent of accuracy in inferring different anomalous activities and forensic behaviors within the smart environment. Finally, VERITAS is extremely lightweight, yielding no overhead on the devices and minimal overhead in the backend resources (ie, the cloud servers).},
keywords = {Forensics, IoT Security},
pubstate = {published},
tppubtype = {conference}
}
In smart environments such as smart homes and offices, the interaction between devices, users, and apps generate abundant data. Such data contain valuable forensic information about events and activities occurring in the smart environment. Nonetheless, current smart platforms do not provide any digital forensic capability to identify, trace, store, and analyze the data produced in these environments. To fill this gap, in this paper, we introduce VERITAS, a novel and practical digital forensic capability for the smart environment. VERITAS has two main components: Collector and Analyzer. The Collector implements mechanisms to automatically collect forensically-relevant data from the smart environment. Then, in the event of a forensic investigation, the Analyzer uses a First Order Markov Chain model to extract valuable and usable forensic information from the collected data. VERITAS then uses the forensic information to infer activities and behaviors from users, devices, and apps that violate the security policies defined for the environment. We implemented and tested VERITAS in a realistic smart office environment with 22 smart devices and sensors that generated 84209 forensically-valuable incidents. The evaluation shows that VERITAS achieves over 95 percent of accuracy in inferring different anomalous activities and forensic behaviors within the smart environment. Finally, VERITAS is extremely lightweight, yielding no overhead on the devices and minimal overhead in the backend resources (ie, the cloud servers).
6.
Amit Kumar Sikder, Hidayet Aksu, A Selcuk Uluagac
System and Method for Secure and Resilient Industrial Control Systems Patent
US Patent, 2022.
Abstract | Links | BibTeX | Tags: IoT Security
@patent{Sikder2022SecureResilientICSb,
title = {System and Method for Secure and Resilient Industrial Control Systems},
author = {Amit Kumar Sikder and Hidayet Aksu and A Selcuk Uluagac},
url = {https://patents.google.com/patent/US20220182400A1/en},
year = {2022},
date = {2022-01-01},
urldate = {2022-01-01},
abstract = {Context-aware security frameworks to detect malicious behavior in a smart environment (eg, a home, office, or other building) are provided. The framework can address the emerging threats to smart environments by observing the changing patterns of the conditions (eg, active/inactive) of smart entities (eg, sensors and other devices) of the smart environment for different user activities, and building a contextual model to detect malicious activities in the smart environment.},
howpublished = {US Patent},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {patent}
}
Context-aware security frameworks to detect malicious behavior in a smart environment (eg, a home, office, or other building) are provided. The framework can address the emerging threats to smart environments by observing the changing patterns of the conditions (eg, active/inactive) of smart entities (eg, sensors and other devices) of the smart environment for different user activities, and building a contextual model to detect malicious activities in the smart environment.
7.
Michael Thompson, Suat Mercan, Mumin Cebe, Kemal Akkaya, Arif Selcuk Uluagac
Cost-efficient IoT Forensics Framework with Blockchain Patent
US Patent, 2021.
Abstract | Links | BibTeX | Tags: Forensics, IoT Security
@patent{Thompson2021CostEfficient,
title = {Cost-efficient IoT Forensics Framework with Blockchain},
author = {Michael Thompson and Suat Mercan and Mumin Cebe and Kemal Akkaya and Arif Selcuk Uluagac},
url = {https://patentscope.wipo.int/search/en/detail.jsf?docId=US336296346},
year = {2021},
date = {2021-09-21},
urldate = {2021-09-21},
booktitle = {US Patent},
pages = {332–333},
publisher = {Association for Computing Machinery},
series = {WiSec '19},
abstract = {A cost-effective and reliable digital forensics framework is provided by exploiting multiple blockchain networks in two levels. The selected data collected from sensors on a boat is sent to a remote company database and calculated hash of the data is saved in two blockchain platforms in the first level. Hash of each block is retrieved and inserted onto a Merkle tree on a periodic basis to be stored on another blockchain in the second level which is used to detect any error in the first level blockchains. A secure platform is created with the combination of several blockchains.},
howpublished = {US Patent},
keywords = {Forensics, IoT Security},
pubstate = {published},
tppubtype = {patent}
}
A cost-effective and reliable digital forensics framework is provided by exploiting multiple blockchain networks in two levels. The selected data collected from sensors on a boat is sent to a remote company database and calculated hash of the data is saved in two blockchain platforms in the first level. Hash of each block is retrieved and inserted onto a Merkle tree on a periodic basis to be stored on another blockchain in the second level which is used to detect any error in the first level blockchains. A secure platform is created with the combination of several blockchains.
8.
Kyle Denney, Enes Erdin, Leonardo Babun, A Selcuk Uluagac, Kemal Akkaya
Systems and methods for inhibiting threats to a computing environment Patent
US Patent, 2021.
Abstract | Links | BibTeX | Tags: IoT Security
@patent{denney2021systemsp,
title = {Systems and methods for inhibiting threats to a computing environment},
author = {Kyle Denney and Enes Erdin and Leonardo Babun and A Selcuk Uluagac and Kemal Akkaya},
url = {https://patents.google.com/patent/US20200356665A1/en},
year = {2021},
date = {2021-09-01},
urldate = {2021-09-01},
publisher = {Google Patents},
abstract = {Novel hardware-based frameworks and methods for the detection and inhibition or prevention of insider threats utilizing machine learning methods and data collection done at the physical layer are provided. Analysis is done on unknown USB-powered devices, such as a keyboard or mouse, introduced to a computing environment and, through the utilization of machine learning, the behavior of the unknown device is determined before it can potentially cause harm to the computing environment.},
howpublished = {US Patent},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {patent}
}
Novel hardware-based frameworks and methods for the detection and inhibition or prevention of insider threats utilizing machine learning methods and data collection done at the physical layer are provided. Analysis is done on unknown USB-powered devices, such as a keyboard or mouse, introduced to a computing environment and, through the utilization of machine learning, the behavior of the unknown device is determined before it can potentially cause harm to the computing environment.
9.
Luis C Puche Rondon, Leonardo Babun, Kemal Akkaya, A Selcuk Uluagac
Systems and methods for monitoring activity in an HDMI network Patent
US Patent, 2021.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@patent{rondon2021systems,
title = {Systems and methods for monitoring activity in an HDMI network},
author = {Luis C Puche Rondon and Leonardo Babun and Kemal Akkaya and A Selcuk Uluagac},
url = {https://patents.google.com/patent/US10929530B1/en},
year = {2021},
date = {2021-02-01},
urldate = {2021-02-01},
publisher = {Google Patents},
abstract = {Systems and methods for monitoring activity within High Definition Multimedia Interface (HDMI) enabled consumer electronics control (CEC) devices and their networks and identifying unexpected and/or suspicious activity within the network are provided. CEC message packets and packet attribute analysis can be used to identify unexpected and/or suspicious CEC activity within two or more interconnected HDMI devices. Three fundamental steps can be used: a data collection step can capture CEC activity occurring within an HDMI distribution; a data processing step can correlate data into a packet analysis process to create a model later used for evaluation; and a decision process step can use the model created in the data processing step to determine if activity occurring within the HDMI distribution is expected or unexpected.},
howpublished = {US Patent},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {patent}
}
Systems and methods for monitoring activity within High Definition Multimedia Interface (HDMI) enabled consumer electronics control (CEC) devices and their networks and identifying unexpected and/or suspicious activity within the network are provided. CEC message packets and packet attribute analysis can be used to identify unexpected and/or suspicious CEC activity within two or more interconnected HDMI devices. Three fundamental steps can be used: a data collection step can capture CEC activity occurring within an HDMI distribution; a data processing step can correlate data into a packet analysis process to create a model later used for evaluation; and a decision process step can use the model created in the data processing step to determine if activity occurring within the HDMI distribution is expected or unexpected.
10.
Luis Puche, Ahmet Aris, Leonardo Babun, Kemal Akkaya, A. Selcuk Uluagac
Survey on Enterprise Internet-of-Things Systems (E-IoT): A Security Perspective Journal Article
Elsevier Ad Hoc Networks Journal, 2021.
Abstract | Links | BibTeX | Tags: Enterprise Security, IoT Security
@article{puche2021survey,
title = {Survey on Enterprise Internet-of-Things Systems (E-IoT): A Security Perspective},
author = {Luis Puche and Ahmet Aris and Leonardo Babun and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://www.sciencedirect.com/science/article/pii/S1570870521002171},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {Elsevier Ad Hoc Networks Journal},
abstract = {As technology becomes more widely available, millions of users worldwide have installed some form of smart device in their homes or workplaces. These devices are often off-the-shelf commodity systems, such as Google Home or Samsung SmartThings, that are installed by end-users looking to automate a small deployment. In contrast to these plug-and-play systems, purpose-built Enterprise Internet-of-Things (E-IoT) systems such as Crestron, Control4, RTI, Savant offer a smart solution for more sophisticated applications (e.g., complete lighting control, A/V management, security). In contrast to commodity systems, E-IoT systems are usually closed source, costly, require certified installers, and are overall more robust for their use cases. Due to this, E-IoT systems are often found in expensive smart homes, government and academic conference rooms, yachts, and smart private offices. However, while there has},
keywords = {Enterprise Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
As technology becomes more widely available, millions of users worldwide have installed some form of smart device in their homes or workplaces. These devices are often off-the-shelf commodity systems, such as Google Home or Samsung SmartThings, that are installed by end-users looking to automate a small deployment. In contrast to these plug-and-play systems, purpose-built Enterprise Internet-of-Things (E-IoT) systems such as Crestron, Control4, RTI, Savant offer a smart solution for more sophisticated applications (e.g., complete lighting control, A/V management, security). In contrast to commodity systems, E-IoT systems are usually closed source, costly, require certified installers, and are overall more robust for their use cases. Due to this, E-IoT systems are often found in expensive smart homes, government and academic conference rooms, yachts, and smart private offices. However, while there has
11.
Adrien Cosson, Amit Kumar Sikder, Leonardo Babun, Z Berkay Celik, Patrick McDaniel, A Selcuk Uluagac
Sentinel: A robust intrusion detection system for IoT networks using kernel-level system information Conference Paper
In the Proceedings of the International Conference on Internet-of-Things Design and Implementation, 2021.
Abstract | Links | BibTeX | Tags: IoT Security
@conference{cosson2021sentinel,
title = {Sentinel: A robust intrusion detection system for IoT networks using kernel-level system information},
author = {Adrien Cosson and Amit Kumar Sikder and Leonardo Babun and Z Berkay Celik and Patrick McDaniel and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/abs/10.1145/3450268.3453533},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
booktitle = {In the Proceedings of the International Conference on Internet-of-Things Design and Implementation},
abstract = {The concept of Internet of Things (IoT) has changed the way we live by integrating commodity devices with cyberspace to automate our everyday tasks. Nowadays, IoT devices in the home environment are becoming ubiquitous with seamless connectivity and diverse application domains. Modern IoT devices have adopted a many-to-many connectivity model to enhance user experience and device functionalities compared to early IoT devices with standalone device setup and limited functionalities. However, the continuous connection between devices and cyberspace has introduced new cyber attacks targeting IoT devices and networks. Due to the resource-constrained nature of IoT devices as well as the opacity of the IoT framework, traditional intrusion detection systems cannot be applied here. In this paper, we introduce Sentinel, a novel intrusion detection system that uses kernel-level information to detect},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {conference}
}
The concept of Internet of Things (IoT) has changed the way we live by integrating commodity devices with cyberspace to automate our everyday tasks. Nowadays, IoT devices in the home environment are becoming ubiquitous with seamless connectivity and diverse application domains. Modern IoT devices have adopted a many-to-many connectivity model to enhance user experience and device functionalities compared to early IoT devices with standalone device setup and limited functionalities. However, the continuous connection between devices and cyberspace has introduced new cyber attacks targeting IoT devices and networks. Due to the resource-constrained nature of IoT devices as well as the opacity of the IoT framework, traditional intrusion detection systems cannot be applied here. In this paper, we introduce Sentinel, a novel intrusion detection system that uses kernel-level information to detect
12.
Leonardo Babun, Kyle Denney, Z Berkay Celik, Patrick McDaniel, A Selcuk Uluagac
A survey on IoT platforms: Communication, security, and privacy perspectives Journal Article
Computer Networks Journal, 2021.
Abstract | BibTeX | Tags: IoT Security
@article{babun2021survey,
title = {A survey on IoT platforms: Communication, security, and privacy perspectives},
author = {Leonardo Babun and Kyle Denney and Z Berkay Celik and Patrick McDaniel and A Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {Computer Networks Journal},
publisher = {Elsevier},
abstract = {The Internet of Things (IoT) redefines the way how commodity and industrial tasks are performed every day. The integration of sensors, lightweight computation, and the proliferation of different wireless technologies on IoT platforms enable human beings to easily interact with their surrounding physical world thoroughly. With the recent rise of IoT, several different IoT platforms have been introduced for researchers and developers to ease the management and control of various IoT devices. In general, the IoT platforms act as a bridge between core IoT functionalities and users by providing APIs. Due to their wide variety of applications, IoT platforms are mostly unique in their architectures and designs. Thus, IoT administrators, developers, and researchers (i.e.,IoT users) are challenged with substantial configuration differences in the proper configuration, implementation, and protection of the IoT solutions.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
The Internet of Things (IoT) redefines the way how commodity and industrial tasks are performed every day. The integration of sensors, lightweight computation, and the proliferation of different wireless technologies on IoT platforms enable human beings to easily interact with their surrounding physical world thoroughly. With the recent rise of IoT, several different IoT platforms have been introduced for researchers and developers to ease the management and control of various IoT devices. In general, the IoT platforms act as a bridge between core IoT functionalities and users by providing APIs. Due to their wide variety of applications, IoT platforms are mostly unique in their architectures and designs. Thus, IoT administrators, developers, and researchers (i.e.,IoT users) are challenged with substantial configuration differences in the proper configuration, implementation, and protection of the IoT solutions.
13.
Javier Franco, Ahmet Aris, Berk Canberk, A Selcuk Uluagac
A survey of honeypots and honeynets for internet of things, industrial internet of things, and cyber-physical systems Journal Article
IEEE Communications Surveys & Tutorials, 2021.
Abstract | BibTeX | Tags: CPS Security, IoT Security
@article{franco2021survey,
title = {A survey of honeypots and honeynets for internet of things, industrial internet of things, and cyber-physical systems},
author = {Javier Franco and Ahmet Aris and Berk Canberk and A Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {IEEE Communications Surveys & Tutorials},
publisher = {IEEE},
abstract = {The Internet of Things (IoT), the Industrial Internet of Things (IIoT), and Cyber-Physical Systems (CPS) have become essential for our daily lives in contexts such as our homes, buildings, cities, health, transportation, manufacturing, infrastructure, and agriculture. However, they have become popular targets of attacks, due to their inherent limitations which create vulnerabilities. Honeypots and honeynets can prove essential to understand and defend against attacks on IoT, IIoT, and CPS environments by attracting attackers and deceiving them into thinking that they have gained access to the real systems. Honeypots and honeynets can complement other security solutions (i.e., firewalls, Intrusion Detection Systems - IDS) to form a strong defense against malicious entities. This paper provides a comprehensive survey of the research that has been carried out on honeypots and honeynets for IoT, IIoT, and CPS. },
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
The Internet of Things (IoT), the Industrial Internet of Things (IIoT), and Cyber-Physical Systems (CPS) have become essential for our daily lives in contexts such as our homes, buildings, cities, health, transportation, manufacturing, infrastructure, and agriculture. However, they have become popular targets of attacks, due to their inherent limitations which create vulnerabilities. Honeypots and honeynets can prove essential to understand and defend against attacks on IoT, IIoT, and CPS environments by attracting attackers and deceiving them into thinking that they have gained access to the real systems. Honeypots and honeynets can complement other security solutions (i.e., firewalls, Intrusion Detection Systems - IDS) to form a strong defense against malicious entities. This paper provides a comprehensive survey of the research that has been carried out on honeypots and honeynets for IoT, IIoT, and CPS.
14.
Amit Kumar Sikder, Leonardo Babun, A Selcuk Uluagac
Aegis+ a context-aware platform-independent security framework for smart home systems Journal Article
Digital Threats: Research and Practice Journal, 2021.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@article{sikder2021aegis+,
title = {Aegis+ a context-aware platform-independent security framework for smart home systems},
author = {Amit Kumar Sikder and Leonardo Babun and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/pdf/10.1145/3359789.3359840},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {Digital Threats: Research and Practice Journal},
publisher = {ACM New York, NY, USA},
abstract = {The introduction of modern Smart Home Systems (SHSs) is redefining the way we perform everyday activities. Today, myriad SHS applications and the devices they control are widely available to users. Specifically, users can easily download and install the apps from vendor-specific app markets, or develop their own, to effectively implement their SHS solutions. However, despite their benefits, app-based SHSs unfold diverse security risks. Several attacks have already been reported to SHSs and current security solutions only consider smart home devices and apps individually to detect malicious actions, rather than the context of the SHS as a whole. Thus, the current security solutions applied to SHSs cannot capture user activities and sensor-device-user interactions in a holistic fashion. To address these limitations, in this article, we introduce Aegis+, a novel context-aware platform-independent security framework.},
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
The introduction of modern Smart Home Systems (SHSs) is redefining the way we perform everyday activities. Today, myriad SHS applications and the devices they control are widely available to users. Specifically, users can easily download and install the apps from vendor-specific app markets, or develop their own, to effectively implement their SHS solutions. However, despite their benefits, app-based SHSs unfold diverse security risks. Several attacks have already been reported to SHSs and current security solutions only consider smart home devices and apps individually to detect malicious actions, rather than the context of the SHS as a whole. Thus, the current security solutions applied to SHSs cannot capture user activities and sensor-device-user interactions in a holistic fashion. To address these limitations, in this article, we introduce Aegis+, a novel context-aware platform-independent security framework.
15.
Luis Puche Rondon, Leonardo Babun, Ahmet Aris, Kemal Akkaya, A Selcuk Uluagac
LightningStrike: (in) secure practices of E-IoT systems in the wild Conference Paper
In the Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2021.
Abstract | BibTeX | Tags: IoT Security, Smart Home Security
@conference{rondon2021lightningstrike,
title = {LightningStrike: (in) secure practices of E-IoT systems in the wild},
author = {Luis Puche Rondon and Leonardo Babun and Ahmet Aris and Kemal Akkaya and A Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
booktitle = {In the Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)},
abstract = {The widespread adoption of specialty smart ecosystems has changed the everyday lives of users. As a part of smart ecosystems, Enterprise Internet of Things (E-IoT) allows users to integrate and control more complex installations in comparison to off-the-shelf IoT systems. With E-IoT, users have a complete control of audio, video, scheduled events, lightning fixtures, shades, door access, and relays via available user interfaces. As such, these systems see widespread use in government or smart private offices, schools, smart buildings, professional conference rooms, hotels, smart homes, yachts, and similar professional settings. },
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
The widespread adoption of specialty smart ecosystems has changed the everyday lives of users. As a part of smart ecosystems, Enterprise Internet of Things (E-IoT) allows users to integrate and control more complex installations in comparison to off-the-shelf IoT systems. With E-IoT, users have a complete control of audio, video, scheduled events, lightning fixtures, shades, door access, and relays via available user interfaces. As such, these systems see widespread use in government or smart private offices, schools, smart buildings, professional conference rooms, hotels, smart homes, yachts, and similar professional settings.
16.
Hidayet Aksu, A Selcuk Uluagac, Elizabeth S Bentley
Internet of things (IoT) identifying system and associated methods Patent
US Patent, 2020.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@patent{aksu2020internet,
title = {Internet of things (IoT) identifying system and associated methods},
author = {Hidayet Aksu and A Selcuk Uluagac and Elizabeth S Bentley},
url = {https://uspto.report/patent/grant/10,826,902},
year = {2020},
date = {2020-11-01},
urldate = {2020-11-01},
publisher = {Google Patents},
abstract = {A wireless Internet-of-Things (IoT) device identification method and framework incorporates machine learning (ML) techniques with information from the protocol used (eg, Bluetooth, Bluetooth Low Energy/Bluetooth Smart, and others). A passive, non-intrusive feature selection technique targets IoT device captures with an ML classifier selection algorithm for the identification of IoT devices (ie, picking the best performing ML algorithm among multiple ML algorithms available). Using an input training label and training dataset (eg, training wireless IoT packets) associated with the IoT device, a classifier and a filter are selected. An inter-arrival-time (IAT) associated with the filtered training data set and a density distribution for the IAT are then calculated. After converting the density distribution to the training feature vector, a prediction model and the selected classifier are stored for subsequent application to testing.},
howpublished = {US Patent},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {patent}
}
A wireless Internet-of-Things (IoT) device identification method and framework incorporates machine learning (ML) techniques with information from the protocol used (eg, Bluetooth, Bluetooth Low Energy/Bluetooth Smart, and others). A passive, non-intrusive feature selection technique targets IoT device captures with an ML classifier selection algorithm for the identification of IoT devices (ie, picking the best performing ML algorithm among multiple ML algorithms available). Using an input training label and training dataset (eg, training wireless IoT packets) associated with the IoT device, a classifier and a filter are selected. An inter-arrival-time (IAT) associated with the filtered training data set and a density distribution for the IAT are then calculated. After converting the density distribution to the training feature vector, a prediction model and the selected classifier are stored for subsequent application to testing.
17.
Abbas Acar, Hossein Fereidooni, Tigist Abera, Amit Kumar Sikder, Markus Miettinen, Hidayet Aksu, Mauro Conti, Ahmad-Reza Sadeghi, Selcuk Uluagac
Peek-a-boo: I see your smart home activities, even encrypted! Conference Paper
In the Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2020.
Abstract | BibTeX | Tags: IoT Security, Smart Home Security
@conference{acar2020peek,
title = {Peek-a-boo: I see your smart home activities, even encrypted!},
author = {Abbas Acar and Hossein Fereidooni and Tigist Abera and Amit Kumar Sikder and Markus Miettinen and Hidayet Aksu and Mauro Conti and Ahmad-Reza Sadeghi and Selcuk Uluagac},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks},
abstract = {A myriad of IoT devices such as bulbs, switches, speakers in a smart home environment allow users to easily control the physical world around them and facilitate their living styles through the sensors already embedded in these devices. Sensor data contains a lot of sensitive information about the user and devices. However, an attacker inside or near a smart home environment can potentially exploit the innate wireless medium used by these devices to exfiltrate sensitive information from the encrypted payload (i.e., sensor data) about the users and their activities, invading user privacy. With this in mind, in this work, we introduce a novel multi-stage privacy attack against user privacy in a smart environment. },
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
A myriad of IoT devices such as bulbs, switches, speakers in a smart home environment allow users to easily control the physical world around them and facilitate their living styles through the sensors already embedded in these devices. Sensor data contains a lot of sensitive information about the user and devices. However, an attacker inside or near a smart home environment can potentially exploit the innate wireless medium used by these devices to exfiltrate sensitive information from the encrypted payload (i.e., sensor data) about the users and their activities, invading user privacy. With this in mind, in this work, we introduce a novel multi-stage privacy attack against user privacy in a smart environment.
18.
Amit Kumar Sikder, Leonardo Babun, Z Berkay Celik, Abbas Acar, Hidayet Aksu, Patrick McDaniel, Engin Kirda, A Selcuk Uluagac
Kratos: Multi-user multi-device-aware access control system for the smart home Conference Paper
In the Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2020.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@conference{sikder2020kratos,
title = {Kratos: Multi-user multi-device-aware access control system for the smart home},
author = {Amit Kumar Sikder and Leonardo Babun and Z Berkay Celik and Abbas Acar and Hidayet Aksu and Patrick McDaniel and Engin Kirda and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/10.1145/3395351.3399358},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)},
abstract = {In a smart home system, multiple users have access to multiple devices, typically through a dedicated app installed on a mobile device. Traditional access control mechanisms consider one unique trusted user that controls the access to the devices. However, multi-user multi-device smart home settings pose fundamentally different challenges to traditional single-user systems. For instance, in a multi-user environment, users have conflicting, complex, and dynamically changing demands on multiple devices, which cannot be handled by traditional access control techniques. To address these challenges, in this paper, we introduce Kratos, a novel multi-user and multi-device-aware access control mechanism that allows smart home users to flexibly specify their access control demands. Kratos has three main components: user interaction module, back-end server, and policy manager. },
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
In a smart home system, multiple users have access to multiple devices, typically through a dedicated app installed on a mobile device. Traditional access control mechanisms consider one unique trusted user that controls the access to the devices. However, multi-user multi-device smart home settings pose fundamentally different challenges to traditional single-user systems. For instance, in a multi-user environment, users have conflicting, complex, and dynamically changing demands on multiple devices, which cannot be handled by traditional access control techniques. To address these challenges, in this paper, we introduce Kratos, a novel multi-user and multi-device-aware access control mechanism that allows smart home users to flexibly specify their access control demands. Kratos has three main components: user interaction module, back-end server, and policy manager.
19.
Leonardo Babun, Hidayet Aksu, Lucas Ryan, Kemal Akkaya, Elizabeth S Bentley, A Selcuk Uluagac
Z-iot: Passive device-class fingerprinting of zigbee and z-wave iot devices Conference Paper
In the proceedings of the IEEE International Conference on Communications (ICC) Conference, IEEE 2020.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@conference{babun2020z,
title = {Z-iot: Passive device-class fingerprinting of zigbee and z-wave iot devices},
author = {Leonardo Babun and Hidayet Aksu and Lucas Ryan and Kemal Akkaya and Elizabeth S Bentley and A Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/9149285},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the proceedings of the IEEE International Conference on Communications (ICC) Conference},
organization = {IEEE},
abstract = {In addition to traditional networking devices (e.g., gateways, firewalls), current corporate and industrial networks integrate resource-limited Internet of Things (IoT) devices like smart outlets and smart sensors. In these settings, cyber attackers can bypass traditional security solutions and spoof legitimate IoT devices to gain illegal access to the systems. Thus, IoT device-class identification is crucial to protect critical networks from unauthorized access. In this paper, we propose Z-IoT, the first fingerprinting framework used to identify IoT device classes that utilize ZigBee and Z-Wave protocols. Z-IoT monitors idle network traffic among IoT devices to implement signature-based device-class fingerprinting mechanisms. Utilizing passive packet capturing techniques and optimal selection of filtering criteria and machine learning algorithms, Z-IoT identifies different types of IoT devices while guaranteeing the anonymity.},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
In addition to traditional networking devices (e.g., gateways, firewalls), current corporate and industrial networks integrate resource-limited Internet of Things (IoT) devices like smart outlets and smart sensors. In these settings, cyber attackers can bypass traditional security solutions and spoof legitimate IoT devices to gain illegal access to the systems. Thus, IoT device-class identification is crucial to protect critical networks from unauthorized access. In this paper, we propose Z-IoT, the first fingerprinting framework used to identify IoT device classes that utilize ZigBee and Z-Wave protocols. Z-IoT monitors idle network traffic among IoT devices to implement signature-based device-class fingerprinting mechanisms. Utilizing passive packet capturing techniques and optimal selection of filtering criteria and machine learning algorithms, Z-IoT identifies different types of IoT devices while guaranteeing the anonymity.
20.
AKM Iqtidar Newaz, Amit Kumar Sikder, Leonardo Babun, A Selcuk Uluagac
Heka: A novel intrusion detection system for attacks to personal medical devices Conference Paper
In the proceedings of the IEEE Conference on Communications and Network Security (CNS), IEEE 2020.
Abstract | Links | BibTeX | Tags: Healthcare Security, IoT Security, Smart Home Security
@conference{newaz2020heka,
title = {Heka: A novel intrusion detection system for attacks to personal medical devices},
author = {AKM Iqtidar Newaz and Amit Kumar Sikder and Leonardo Babun and A Selcuk Uluagac},
url = {https://csl.fiu.edu/wp-content/uploads/2023/05/heka.pdf},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the proceedings of the IEEE Conference on Communications and Network Security (CNS)},
organization = {IEEE},
abstract = {Modern Smart Health Systems (SHS) involve the concept of connected personal medical devices. These devices significantly improve the patient's lifestyle as they permit remote monitoring and transmission of health data (i.e., telemedicine), lowering the treatment costs for both the patient and the healthcare providers. Although specific SHS communication standards (i.e., ISO/IEEE 11073) enable real-time plug-and-play interoperability and communication between different personal medical devices, they do not specify any features for secure communications. In this paper, we demonstrate how personal medical device communication is indeed vulnerable to different cyber attacks. Specifically, we show how an external attacker can hook into the personal medical device's communication and eavesdrop the sensitive health data traffic, and implement manin-the-middle, replay, false data injection, and denial-of service.},
keywords = {Healthcare Security, IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Modern Smart Health Systems (SHS) involve the concept of connected personal medical devices. These devices significantly improve the patient's lifestyle as they permit remote monitoring and transmission of health data (i.e., telemedicine), lowering the treatment costs for both the patient and the healthcare providers. Although specific SHS communication standards (i.e., ISO/IEEE 11073) enable real-time plug-and-play interoperability and communication between different personal medical devices, they do not specify any features for secure communications. In this paper, we demonstrate how personal medical device communication is indeed vulnerable to different cyber attacks. Specifically, we show how an external attacker can hook into the personal medical device's communication and eavesdrop the sensitive health data traffic, and implement manin-the-middle, replay, false data injection, and denial-of service.
21.
Abbas Acar, Hidayet Aksu, A Selcuk Uluagac, Kemal Akkaya
A usable and robust continuous authentication framework using wearables Journal Article
IEEE Transactions on Mobile Computing Journal, 2020.
Abstract | BibTeX | Tags: Authentication, IoT Security, Smart Home Security
@article{acar2020usable,
title = {A usable and robust continuous authentication framework using wearables},
author = {Abbas Acar and Hidayet Aksu and A Selcuk Uluagac and Kemal Akkaya},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {IEEE Transactions on Mobile Computing Journal},
publisher = {IEEE},
abstract = {One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login session, which is lacking in existing one-time login systems. Continuous authentication, which re-verifies the user identity without breaking the continuity of the session, can address this issue. However, existing methods for Continuous Authentication are either not reliable or not usable. In this paper, we introduce a usable and reliable Wearable-Assisted Continuous Authentication (WACA), which relies on the sensor-based keystroke dynamics and the authentication data is acquired through the built-in sensors of a wearable (e.g., smartwatch) while the user is typing. },
keywords = {Authentication, IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login session, which is lacking in existing one-time login systems. Continuous authentication, which re-verifies the user identity without breaking the continuity of the session, can address this issue. However, existing methods for Continuous Authentication are either not reliable or not usable. In this paper, we introduce a usable and reliable Wearable-Assisted Continuous Authentication (WACA), which relies on the sensor-based keystroke dynamics and the authentication data is acquired through the built-in sensors of a wearable (e.g., smartwatch) while the user is typing.
22.
Nico Saputro, Samet Tonyali, Abdullah Aydeger, Kemal Akkaya, Mohammad A Rahman, Selcuk Uluagac
A review of moving target defense mechanisms for internet of things applications Journal Article
Modeling and Design of Secure Internet of Things Journal, 2020.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@article{saputro2020review,
title = {A review of moving target defense mechanisms for internet of things applications},
author = {Nico Saputro and Samet Tonyali and Abdullah Aydeger and Kemal Akkaya and Mohammad A Rahman and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/9124015},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {Modeling and Design of Secure Internet of Things Journal},
publisher = {Wiley Online Library},
abstract = {The chapter presents a review of proactive Moving Target Defense (MTD) paradigm and investigates the feasibility and potential of specific MTD approaches for the resourceconstrained Internet of Things (IoT) applications. The aim is not only to provide taxonomy of various MTD approaches but also to advocate MTD techniques in the dynamic network domain in conjunction with the emerging Software Defined Networking (SDN) for more effective proactive IoT defense. The Internet of Battlefield Things (IoBT) and Industrial IoT (IIoT), which subject to more attacks, are identified as two critical IoT domains that can reap from the SDNbased MTD approaches. Finally, the chapter also discusses potential future research challenges of the MTD approaches in the IoT domain.},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
The chapter presents a review of proactive Moving Target Defense (MTD) paradigm and investigates the feasibility and potential of specific MTD approaches for the resourceconstrained Internet of Things (IoT) applications. The aim is not only to provide taxonomy of various MTD approaches but also to advocate MTD techniques in the dynamic network domain in conjunction with the emerging Software Defined Networking (SDN) for more effective proactive IoT defense. The Internet of Battlefield Things (IoBT) and Industrial IoT (IIoT), which subject to more attacks, are identified as two critical IoT domains that can reap from the SDNbased MTD approaches. Finally, the chapter also discusses potential future research challenges of the MTD approaches in the IoT domain.
23.
Luis Puche Rondon, Leonardo Babun, Kemal Akkaya, A Selcuk Uluagac
HDMI-watch: Smart intrusion detection system against HDMI attacks Journal Article
IEEE Transactions on Network Science and Engineering Journal, 2020.
Abstract | BibTeX | Tags: CPS Security, IoT Security, Smart Home Security
@article{rondon2020hdmi,
title = {HDMI-watch: Smart intrusion detection system against HDMI attacks},
author = {Luis Puche Rondon and Leonardo Babun and Kemal Akkaya and A Selcuk Uluagac},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {IEEE Transactions on Network Science and Engineering Journal},
publisher = {IEEE},
abstract = {The High Definition Multimedia Interface (HDMI) is the backbone and the de-facto standard for Audio/Video connections between video-enabled devices. Today, nearly ten billion HDMI devices are used to distribute A/V signals in homes, offices, concert halls, and sporting events. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows HDMI devices to share an HDMI distribution to communicate and interact with each other. In this work, we identify security and privacy issues in HDMI networks by taping into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study how current insecure CEC protocol practices and carelessly implemented HDMI distributions may grant an adversary a novel attack surface for HDMI devices, otherwise thought to be unreachable through traditional network means.},
keywords = {CPS Security, IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
The High Definition Multimedia Interface (HDMI) is the backbone and the de-facto standard for Audio/Video connections between video-enabled devices. Today, nearly ten billion HDMI devices are used to distribute A/V signals in homes, offices, concert halls, and sporting events. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows HDMI devices to share an HDMI distribution to communicate and interact with each other. In this work, we identify security and privacy issues in HDMI networks by taping into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study how current insecure CEC protocol practices and carelessly implemented HDMI distributions may grant an adversary a novel attack surface for HDMI devices, otherwise thought to be unreachable through traditional network means.
24.
Luis Puche Rondon, Leonardo Babun, Ahmet Aris, Kemal Akkaya, A Selcuk Uluagac
PoisonIvy: (In) secure Practices of Enterprise IoT Systems in Smart Buildings Conference Paper
In the Proceedings of the 7th ACM International Conference on Systems for Energy-Efficient Buildings, Cities, and Transportation, 2020.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security, Smart Home Security
@conference{rondon2020poisonivy,
title = {PoisonIvy: (In) secure Practices of Enterprise IoT Systems in Smart Buildings},
author = {Luis Puche Rondon and Leonardo Babun and Ahmet Aris and Kemal Akkaya and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/abs/10.1145/3408308.3427606},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the Proceedings of the 7th ACM International Conference on Systems for Energy-Efficient Buildings, Cities, and Transportation},
pages = {130–139},
abstract = {The rise of IoT devices has led to the proliferation of smart buildings, offices, and homes worldwide. Although commodity IoT devices are employed by ordinary end-users, complex environments such as smart buildings, government, or private smart offices, conference rooms, or hospitality require customized and highly reliable solutions. Those systems called Enterprise Internet of Things (EIoT) connect such environments to the Internet and are professionally managed solutions usually offered by dedicated vendors (e.g., Control4, Crestron, Lutron, etc.). As EIoT systems require specialized training, software, and equipment to deploy, many of these systems are closed-source and proprietary in nature. This has led to very little research investigating the security of EIoT systems and their components. },
keywords = {CPS Security, IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
The rise of IoT devices has led to the proliferation of smart buildings, offices, and homes worldwide. Although commodity IoT devices are employed by ordinary end-users, complex environments such as smart buildings, government, or private smart offices, conference rooms, or hospitality require customized and highly reliable solutions. Those systems called Enterprise Internet of Things (EIoT) connect such environments to the Internet and are professionally managed solutions usually offered by dedicated vendors (e.g., Control4, Crestron, Lutron, etc.). As EIoT systems require specialized training, software, and equipment to deploy, many of these systems are closed-source and proprietary in nature. This has led to very little research investigating the security of EIoT systems and their components.
25.
Kyle Denney, Leonardo Babun, A Selcuk Uluagac
USB-watch: A generalized hardware-assisted insider threat detection framework Journal Article
Journal of Hardware and Systems Security, 2020.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@article{denney2020usb,
title = {USB-watch: A generalized hardware-assisted insider threat detection framework},
author = {Kyle Denney and Leonardo Babun and A Selcuk Uluagac},
url = {https://link.springer.com/article/10.1007/s41635-020-00092-z},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {Journal of Hardware and Systems Security},
publisher = {Springer},
abstract = {Today, the USB protocol is among the most widely used protocolsmostly due to its plug-and-play nature and number of supported devices. However, the mass-proliferation of USB has led to a threat vector wherein USB devices are assumed innocent, leaving computers open to an attack. Malicious USB devices are able to disguise themselves as benign devices to insert malicious commands to connected end devices. Currently, a rogue device appears as a normal USB device to the average OS, requiring advanced detection schemes (i.e., classification) to identify malicious behaviors from the devices. However, using system-level hooks, an advanced threat may subvert OS-reliant detection schemes. This paper showcases USB-Watch, a hardware-based USB threat detection framework. },
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Today, the USB protocol is among the most widely used protocolsmostly due to its plug-and-play nature and number of supported devices. However, the mass-proliferation of USB has led to a threat vector wherein USB devices are assumed innocent, leaving computers open to an attack. Malicious USB devices are able to disguise themselves as benign devices to insert malicious commands to connected end devices. Currently, a rogue device appears as a normal USB device to the average OS, requiring advanced detection schemes (i.e., classification) to identify malicious behaviors from the devices. However, using system-level hooks, an advanced threat may subvert OS-reliant detection schemes. This paper showcases USB-Watch, a hardware-based USB threat detection framework.
26.
Oscar Bautista, Kemal Akkaya, A Selcuk Uluagac
Customized novel routing metrics for wireless mesh-based swarm-of-drones applications Journal Article
Internet of Things Journal, 2020.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@article{bautista2020customized,
title = {Customized novel routing metrics for wireless mesh-based swarm-of-drones applications},
author = {Oscar Bautista and Kemal Akkaya and A Selcuk Uluagac},
url = {https://www.sciencedirect.com/science/article/pii/S2542660520300998},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {Internet of Things Journal},
publisher = {Elsevier},
abstract = {With the proliferation of drones, there is an increasing interest on utilizing swarm-of-drones in numerous applications from surveillance to search and rescue. While a swarm-of-drones (a.k.a flying ad hoc networks (FANETs)) is essentially a special form of mobile ad-hoc networks (MANETs) which has been studied for many years, there are unique requirements of drone applications that necessitate re-visiting MANET protocols. These challenges stem from 3-D environments the drones are deployed in, and their specific way of mobility which adds to the wireless link management challenges among the drones. To tackle these challenges, in this paper, we propose adopting the current mesh standard, namely IEEE 802.11s, in its routing capabilities to provide improved performance. Specifically, we propose two new link quality routing metrics called SrFTime and CRP as an alternative to the IEEE 802.11s default Airtime.},
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
With the proliferation of drones, there is an increasing interest on utilizing swarm-of-drones in numerous applications from surveillance to search and rescue. While a swarm-of-drones (a.k.a flying ad hoc networks (FANETs)) is essentially a special form of mobile ad-hoc networks (MANETs) which has been studied for many years, there are unique requirements of drone applications that necessitate re-visiting MANET protocols. These challenges stem from 3-D environments the drones are deployed in, and their specific way of mobility which adds to the wireless link management challenges among the drones. To tackle these challenges, in this paper, we propose adopting the current mesh standard, namely IEEE 802.11s, in its routing capabilities to provide improved performance. Specifically, we propose two new link quality routing metrics called SrFTime and CRP as an alternative to the IEEE 802.11s default Airtime.
27.
Amit Kumar Sikder, Hidayet Aksu, A. Selcuk Uluagac
A Context-Aware Framework for Detecting Sensor-Based Threats on Smart Devices Journal Article
IEEE Transactions on Mobile Computing Journal, 2020.
Abstract | Links | BibTeX | Tags: IoT Security
@article{Sikder2019Context-Aware,
title = {A Context-Aware Framework for Detecting Sensor-Based Threats on Smart Devices},
author = {Amit Kumar Sikder and Hidayet Aksu and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/8613866},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {IEEE Transactions on Mobile Computing Journal
},
journal = {IEEE Transactions on Mobile Computing Journal},
abstract = {Sensors (e.g., light, gyroscope, and accelerometer) and sensing-enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor Application Programming Interface (API). In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users' sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this paper, we propose 6thSense, a context-aware intrusion detection system which enhances the security of smart devices by observing changes in sensor data for different tasks of users and creating a contextual model to distinguish benign and malicious behavior of sensors. 6thSense utilizes three different Machine Learning-based detection mechanisms (i.e., Markov Chain, Naive Bayes, and LMT). We implemented 6thSense on several sensor-rich Android-based smart devices (i.e., smart watch and smartphone) and collected data from typical daily activities of 100 real users. Furthermore, we evaluated the performance of 6thSense against three sensor-based threats: (1) a malicious App that can be triggered via a sensor, (2) a malicious App that can leak information via a sensor, and (3) a malicious App that can steal data using sensors. Our extensive evaluations show that the 6thSense framework is an effective and practical approach to defeat growing sensor-based threats with an accuracy above 96 percent without compromising the normal functionality of the device. Moreover, our framework reveals minimal overhead.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
Sensors (e.g., light, gyroscope, and accelerometer) and sensing-enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor Application Programming Interface (API). In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users' sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this paper, we propose 6thSense, a context-aware intrusion detection system which enhances the security of smart devices by observing changes in sensor data for different tasks of users and creating a contextual model to distinguish benign and malicious behavior of sensors. 6thSense utilizes three different Machine Learning-based detection mechanisms (i.e., Markov Chain, Naive Bayes, and LMT). We implemented 6thSense on several sensor-rich Android-based smart devices (i.e., smart watch and smartphone) and collected data from typical daily activities of 100 real users. Furthermore, we evaluated the performance of 6thSense against three sensor-based threats: (1) a malicious App that can be triggered via a sensor, (2) a malicious App that can leak information via a sensor, and (3) a malicious App that can steal data using sensors. Our extensive evaluations show that the 6thSense framework is an effective and practical approach to defeat growing sensor-based threats with an accuracy above 96 percent without compromising the normal functionality of the device. Moreover, our framework reveals minimal overhead.
28.
Amit Kumar Sikder, Hidayet Aksu, A Selcuk Uluagac
Context-aware intrusion detection method for smart devices with sensors Patent
US Patent, 2019, (US Patent 10,417,413).
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@patent{sikder2019context,
title = {Context-aware intrusion detection method for smart devices with sensors},
author = {Amit Kumar Sikder and Hidayet Aksu and A Selcuk Uluagac},
url = {https://patents.google.com/patent/US10417413B2/en},
year = {2019},
date = {2019-09-01},
urldate = {2019-09-01},
publisher = {Google Patents},
abstract = {A smart device can include a data oriented sensor providing a numerical value, a logic oriented sensor providing a state, a sensor value collector connected to the data oriented sensor, a sensor logic state detector connected to the logic oriented sensor, a data processor connected to the sensor value collector and the sensor logic state detector, and a data analyzer connected to the data processor. The data processor can take the numerical value received from the sensor value collector, calculate an average value from the numerical value, sample the state receiving from the sensor logic state detector, and create an input matrix by using the average value and the sampled state. The data analyzer can receive the input matrix, train an analytical model, and check a data to indicate whether a state of the smart device is malicious or not.},
howpublished = {US Patent},
note = {US Patent 10,417,413},
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {patent}
}
A smart device can include a data oriented sensor providing a numerical value, a logic oriented sensor providing a state, a sensor value collector connected to the data oriented sensor, a sensor logic state detector connected to the logic oriented sensor, a data processor connected to the sensor value collector and the sensor logic state detector, and a data analyzer connected to the data processor. The data processor can take the numerical value received from the sensor value collector, calculate an average value from the numerical value, sample the state receiving from the sensor logic state detector, and create an input matrix by using the average value and the sampled state. The data analyzer can receive the input matrix, train an analytical model, and check a data to indicate whether a state of the smart device is malicious or not.
29.
Z Berkay Celik, Patrick McDaniel, Gang Tan, Leonardo Babun, A Selcuk Uluagac
Verifying internet of things safety and security in physical spaces Journal Article
IEEE Security & Privacy Journal, 2019.
Abstract | BibTeX | Tags: CPS Security, IoT Security
@article{celik2019verifying,
title = {Verifying internet of things safety and security in physical spaces},
author = {Z Berkay Celik and Patrick McDaniel and Gang Tan and Leonardo Babun and A Selcuk Uluagac},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
journal = {IEEE Security & Privacy Journal},
publisher = {IEEE},
abstract = {Concerns about safety and security have led to questions about the risk of embracing the Internet of Things (IoT). We consider the needs and techniques for verifying the correct operation of IoT devices and environments within the physical spaces they inhabit.},
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Concerns about safety and security have led to questions about the risk of embracing the Internet of Things (IoT). We consider the needs and techniques for verifying the correct operation of IoT devices and environments within the physical spaces they inhabit.
30.
Leonardo Babun, Hidayet Aksu, A Selcuk Uluagac
A system-level behavioral detection framework for compromised CPS devices: Smart-grid case Journal Article
ACM Transactions on Cyber-Physical Systems Journal, 2019.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@article{babun2019system,
title = {A system-level behavioral detection framework for compromised CPS devices: Smart-grid case},
author = {Leonardo Babun and Hidayet Aksu and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/fullHtml/10.1145/3355300},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
journal = {ACM Transactions on Cyber-Physical Systems Journal},
publisher = {ACM New York, NY, USA},
abstract = {Cyber-Physical Systems (CPS) play a significant role in our critical infrastructure networks from power-distribution to utility networks. The emerging smart-grid concept is a compelling critical CPS infrastructure that relies on two-way communications between smart devices to increase efficiency, enhance reliability, and reduce costs. However, compromised devices in the smart grid poses several security challenges. Consequences of propagating fake data or stealing sensitive smart grid information via compromised devices are costly. Hence, early behavioral detection of compromised devices is critical for protecting the smart grids components and data. To address these concerns, in this article, we introduce a novel and configurable system-level framework to identify compromised smart grid devices. },
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Cyber-Physical Systems (CPS) play a significant role in our critical infrastructure networks from power-distribution to utility networks. The emerging smart-grid concept is a compelling critical CPS infrastructure that relies on two-way communications between smart devices to increase efficiency, enhance reliability, and reduce costs. However, compromised devices in the smart grid poses several security challenges. Consequences of propagating fake data or stealing sensitive smart grid information via compromised devices are costly. Hence, early behavioral detection of compromised devices is critical for protecting the smart grids components and data. To address these concerns, in this article, we introduce a novel and configurable system-level framework to identify compromised smart grid devices.
31.
Z Berkay Celik, Abbas Acar, Hidayet Aksu, Ryan Sheatsley, Patrick McDaniel, A Selcuk Uluagac
Curie: Policy-based secure data exchange Conference Paper
In the Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY), 2019.
Abstract | Links | BibTeX | Tags: Authentication, IoT Security
@conference{celik2019curie,
title = {Curie: Policy-based secure data exchange},
author = {Z Berkay Celik and Abbas Acar and Hidayet Aksu and Ryan Sheatsley and Patrick McDaniel and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/10.1145/3292006.3300042},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {In the Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY)},
abstract = {Data sharing among partners—users, companies, organizations—is crucial for the advancement of collaborative machine learning in many domains such as healthcare, finance, and security. Sharing through secure computation and other means allow these partners to perform privacy-preserving computations on their private data in controlled ways. However, in reality, there exist complex relationships among members (partners). Politics, regulations, interest, trust, data demands and needs prevent members from sharing their complete data. Thus, there is a need for a mechanism to meet these conflicting relationships on data sharing. This paper presents, an approach to exchange data among members who have complex relationships. },
keywords = {Authentication, IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Data sharing among partners—users, companies, organizations—is crucial for the advancement of collaborative machine learning in many domains such as healthcare, finance, and security. Sharing through secure computation and other means allow these partners to perform privacy-preserving computations on their private data in controlled ways. However, in reality, there exist complex relationships among members (partners). Politics, regulations, interest, trust, data demands and needs prevent members from sharing their complete data. Thus, there is a need for a mechanism to meet these conflicting relationships on data sharing. This paper presents, an approach to exchange data among members who have complex relationships.
32.
Kyle Denney, Enes Erdin, Leonardo Babun, A Selcuk Uluagac
Dynamically detecting usb attacks in hardware: Poster Demo/Poster
In the Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks, 2019.
Abstract | BibTeX | Tags: IoT Security
@Demo/Posters{denney2019dynamically,
title = {Dynamically detecting usb attacks in hardware: Poster},
author = {Kyle Denney and Enes Erdin and Leonardo Babun and A Selcuk Uluagac},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {In the Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks},
abstract = {Malicious USB devices can disguise themselves as benign devices (e.g., keyboard, mouse, etc.) to insert malicious commands on end devices. Advanced software-based detection schemes (deeper operating system level) are used to identify the malicious nature of such mimic devices. However, a powerful adversary (e.g., as rootkits or advanced persistent threats) can subvert those software-based detection schemes. To address these concerns, we present our ongoing work to dynamically detect these threats in hardware. Specifically, we utilize a novel hardware-assistance mechanism to collect unaltered USB data at the physical layer which is fed into a machine learning-based classifier to determine the true nature of the USB device.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {Demo/Posters}
}
Malicious USB devices can disguise themselves as benign devices (e.g., keyboard, mouse, etc.) to insert malicious commands on end devices. Advanced software-based detection schemes (deeper operating system level) are used to identify the malicious nature of such mimic devices. However, a powerful adversary (e.g., as rootkits or advanced persistent threats) can subvert those software-based detection schemes. To address these concerns, we present our ongoing work to dynamically detect these threats in hardware. Specifically, we utilize a novel hardware-assistance mechanism to collect unaltered USB data at the physical layer which is fed into a machine learning-based classifier to determine the true nature of the USB device.
33.
Amit Kumar Sikder, Leonardo Babun, Hidayet Aksu, A. Selcuk Uluagac
Aegis: A Context-Aware Security Framework for Smart Home Systems Conference Paper
In the Proceedings of the 35th Annual Computer Security Applications Conference (ACSA), 2019.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@conference{Sikder2019Aegis,
title = {Aegis: A Context-Aware Security Framework for Smart Home Systems},
author = {Amit Kumar Sikder and Leonardo Babun and Hidayet Aksu and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3359789.3359840},
doi = {10.1145/3359789.3359840},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
publisher = {In the Proceedings of the 35th Annual Computer Security Applications Conference (ACSA)},
abstract = {Our everyday lives are expanding fast with the introduction of new Smart Home Systems (SHSs). Today, a myriad of SHS devices and applications are widely available to users and have already started to re-define our modern lives. Smart home users utilize the apps to control and automate such devices. Users can develop their own apps or easily download and install them from vendor-specific app markets. App-based SHSs offer many tangible benefits to our lives, but also unfold diverse security risks. Several attacks have already been reported for SHSs. However, current security solutions consider smart home devices and apps individually to detect malicious actions rather than the context of the SHS as a whole. The existing mechanisms cannot capture user activities and sensor-device-user interactions in a holistic fashion. To address these issues, in this paper, we introduce Aegis, a novel context-aware security framework to detect malicious behavior in a SHS. Specifically, Aegis observes the states of the connected smart home entities (sensors and devices) for different user activities and usage patterns in a SHS and builds a contextual model to differentiate between malicious and benign behavior. We evaluated the efficacy and performance of Aegis in multiple smart home settings (i.e., single bedroom, double bedroom, duplex) with real-life users performing day-to-day activities and real SHS devices. We also measured the performance of Aegis against five different malicious behaviors. Our detailed evaluation shows that Aegis can detect malicious behavior in SHS with high accuracy (over 95%) and secure the SHS regardless of the smart home layout, device configuration, installed apps, and enforced user policies. Finally, Aegis achieves minimum overhead in detecting malicious behavior in SHS, ensuring easy deployability in real-life smart environments.},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Our everyday lives are expanding fast with the introduction of new Smart Home Systems (SHSs). Today, a myriad of SHS devices and applications are widely available to users and have already started to re-define our modern lives. Smart home users utilize the apps to control and automate such devices. Users can develop their own apps or easily download and install them from vendor-specific app markets. App-based SHSs offer many tangible benefits to our lives, but also unfold diverse security risks. Several attacks have already been reported for SHSs. However, current security solutions consider smart home devices and apps individually to detect malicious actions rather than the context of the SHS as a whole. The existing mechanisms cannot capture user activities and sensor-device-user interactions in a holistic fashion. To address these issues, in this paper, we introduce Aegis, a novel context-aware security framework to detect malicious behavior in a SHS. Specifically, Aegis observes the states of the connected smart home entities (sensors and devices) for different user activities and usage patterns in a SHS and builds a contextual model to differentiate between malicious and benign behavior. We evaluated the efficacy and performance of Aegis in multiple smart home settings (i.e., single bedroom, double bedroom, duplex) with real-life users performing day-to-day activities and real SHS devices. We also measured the performance of Aegis against five different malicious behaviors. Our detailed evaluation shows that Aegis can detect malicious behavior in SHS with high accuracy (over 95%) and secure the SHS regardless of the smart home layout, device configuration, installed apps, and enforced user policies. Finally, Aegis achieves minimum overhead in detecting malicious behavior in SHS, ensuring easy deployability in real-life smart environments.
34.
Leonardo Babun, Z Berkay Celik, Patrick McDaniel, A Selcuk Uluagac
Real-time analysis of privacy-(un) aware IoT applications Conference Paper
In the Proceedings of the Privacy Enhancing Technologies Symposium (PoPETs), 2019.
Abstract | Links | BibTeX | Tags: IoT Security
@conference{babun2019real,
title = {Real-time analysis of privacy-(un) aware IoT applications},
author = {Leonardo Babun and Z Berkay Celik and Patrick McDaniel and A Selcuk Uluagac},
url = {https://petsymposium.org/popets/2021/popets-2021-0009.php},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
journal = {arXiv preprint arXiv:1911.10461},
publisher = {In the Proceedings of the Privacy Enhancing Technologies Symposium (PoPETs)},
abstract = {Users trust IoT apps to control and automate their smart devices. These apps necessarily have access to sensitive data to implement their functionality. However, users lack visibility into how their sensitive data is used (or leaked), and they often blindly trust the app developers. In this paper, we present IoTWatcH, a novel dynamic analysis tool that uncovers the privacy risks of IoT apps in real-time. We designed and built IoTWatcH based on an IoT privacy survey that considers the privacy needs of IoT users. IoTWatcH provides users with a simple interface to specify their privacy preferences with an IoT app. Then, in runtime, it analyzes both the data that is sent out of the IoT app and its recipients using Natural Language Processing (NLP) techniques. Moreover, IoTWatcH informs the users with its findings to make them aware of the privacy risks with the IoT app. We implemented IoTWatcH on real IoT applications. Specifically, we analyzed 540 IoT apps to train the NLP model and evaluate its effectiveness. IoTWatcH successfully classifies IoT app data sent to external parties to correct privacy labels with an average accuracy of 94.25%, and flags IoT apps that leak privacy data to unauthorized parties. Finally, IoTWatcH yields minimal overhead to an IoT app's execution, on average 105 ms additional latency.},
howpublished = {In the proceedings of the Privacy Enhancing Technologies (PETs)},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Users trust IoT apps to control and automate their smart devices. These apps necessarily have access to sensitive data to implement their functionality. However, users lack visibility into how their sensitive data is used (or leaked), and they often blindly trust the app developers. In this paper, we present IoTWatcH, a novel dynamic analysis tool that uncovers the privacy risks of IoT apps in real-time. We designed and built IoTWatcH based on an IoT privacy survey that considers the privacy needs of IoT users. IoTWatcH provides users with a simple interface to specify their privacy preferences with an IoT app. Then, in runtime, it analyzes both the data that is sent out of the IoT app and its recipients using Natural Language Processing (NLP) techniques. Moreover, IoTWatcH informs the users with its findings to make them aware of the privacy risks with the IoT app. We implemented IoTWatcH on real IoT applications. Specifically, we analyzed 540 IoT apps to train the NLP model and evaluate its effectiveness. IoTWatcH successfully classifies IoT app data sent to external parties to correct privacy labels with an average accuracy of 94.25%, and flags IoT apps that leak privacy data to unauthorized parties. Finally, IoTWatcH yields minimal overhead to an IoT app's execution, on average 105 ms additional latency.
35.
Leonardo Babun, Amit K. Sikder, Abbas Acar, A. Selcuk Uluagac
A Digital Forensics Framework for Smart Settings: Poster Conference Paper
In the Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2019.
Abstract | Links | BibTeX | Tags: Forensics, IoT Security
@conference{1Babun2019DFFramework,
title = {A Digital Forensics Framework for Smart Settings: Poster},
author = {Leonardo Babun and Amit K. Sikder and Abbas Acar and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3317549.3326317},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
publisher = {In the Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)},
abstract = {Users utilize IoT devices and sensors in a co-operative manner to enable the concept of a smart environment. This integration generate data with high forensic value. Nonetheless, current smart app programming platforms do not provide any digital forensics capability to identify, trace, store, and analyze the data produced in these settings. To overcome these limitations, in this poster, we present our ongoing work to introduce a novel digital forensic framework for a smart environment.},
keywords = {Forensics, IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Users utilize IoT devices and sensors in a co-operative manner to enable the concept of a smart environment. This integration generate data with high forensic value. Nonetheless, current smart app programming platforms do not provide any digital forensics capability to identify, trace, store, and analyze the data produced in these settings. To overcome these limitations, in this poster, we present our ongoing work to introduce a novel digital forensic framework for a smart environment.
36.
Z. Berkay Celik, Leonardo Babun, Amit Kumar Sikder, Hidayet Aksu, Gang Tan, Patrick McDaniel, A. Selcuk Uluagac
Sensitive Information Tracking in Commodity IoT Conference Paper
In the Proceedings of the 27th USENIX Security Symposium, 2018.
Abstract | Links | BibTeX | Tags: IoT Security, Mobile Security
@conference{Berkay2018InfoTrackingb,
title = {Sensitive Information Tracking in Commodity IoT},
author = {Z. Berkay Celik and Leonardo Babun and Amit Kumar Sikder and Hidayet Aksu and Gang Tan and Patrick McDaniel and A. Selcuk Uluagac},
url = {https://www.usenix.org/conference/usenixsecurity18/presentation/celik},
year = {2018},
date = {2018-08-01},
urldate = {2018-08-01},
booktitle = {In the Proceedings of the 27th USENIX Security Symposium},
abstract = {Broadly defined as the Internet of Things (IoT), the growth of commodity devices that integrate physical processes with digital connectivity has had profound effects on society--smart homes, personal monitoring devices, enhanced manufacturing and other IoT applications have changed the way we live, play, and work. Yet extant IoT platforms provide few means of evaluating the use (and potential avenues for misuse) of sensitive information. Thus, consumers and organizations have little information to assess the security and privacy risks these devices present. In this paper, we present SainT, a static taint analysis tool for IoT applications. SainT operates in three phases; (a) translation of platform-specific IoT source code into an intermediate representation (IR), (b) identifying sensitive sources and sinks, and (c) performing static analysis to identify sensitive data flows. We evaluate SainT on 230 SmartThings market apps and find 138 (60%) include sensitive data flows. In addition, we demonstrate SainT on IoTBench, a novel open-source test suite containing 19 apps with 27 unique data leaks. Through this effort, we introduce a rigorously grounded framework for evaluating the use of sensitive information in IoT apps---and therein provide developers, markets, and consumers a means of identifying potential threats to security and privacy.},
howpublished = {In the proceedings of the 27th USENIX Security Symposium},
keywords = {IoT Security, Mobile Security },
pubstate = {published},
tppubtype = {conference}
}
Broadly defined as the Internet of Things (IoT), the growth of commodity devices that integrate physical processes with digital connectivity has had profound effects on society--smart homes, personal monitoring devices, enhanced manufacturing and other IoT applications have changed the way we live, play, and work. Yet extant IoT platforms provide few means of evaluating the use (and potential avenues for misuse) of sensitive information. Thus, consumers and organizations have little information to assess the security and privacy risks these devices present. In this paper, we present SainT, a static taint analysis tool for IoT applications. SainT operates in three phases; (a) translation of platform-specific IoT source code into an intermediate representation (IR), (b) identifying sensitive sources and sinks, and (c) performing static analysis to identify sensitive data flows. We evaluate SainT on 230 SmartThings market apps and find 138 (60%) include sensitive data flows. In addition, we demonstrate SainT on IoTBench, a novel open-source test suite containing 19 apps with 27 unique data leaks. Through this effort, we introduce a rigorously grounded framework for evaluating the use of sensitive information in IoT apps---and therein provide developers, markets, and consumers a means of identifying potential threats to security and privacy.
37.
Muhammad A Hakim, Hidayet Aksu, A Selcuk Uluagac, Kemal Akkaya
U-pot: A honeypot framework for upnp-based iot devices Conference Paper
In the Proceedings of the IEEE 37th International Performance Computing and Communications Conference (IPCCC), 2018.
Abstract | Links | BibTeX | Tags: Honeypot/Honeynet, IoT Security
@conference{hakim2018u,
title = {U-pot: A honeypot framework for upnp-based iot devices},
author = {Muhammad A Hakim and Hidayet Aksu and A Selcuk Uluagac and Kemal Akkaya},
url = {https://ieeexplore.ieee.org/document/8711321},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {In the Proceedings of the IEEE 37th International Performance Computing and Communications Conference (IPCCC)},
abstract = {The ubiquitous nature of the IoT devices has brought serious security implications to its users. A lot of consumer IoT devices have little to no security implementation at all, thus risking user's privacy and making them target of mass cyber-attacks. Indeed, recent outbreak of Mirai botnet and its variants have already proved the lack of security on the IoT world. Hence, it is important to understand the security issues and attack vectors in the IoT domain. Though significant research has been done to secure traditional computing systems, little focus was given to the IoT realm. In this work, we reduce this gap by developing a honeypot framework for IoT devices. Specifically, we introduce U-PoT: a novel honeypot framework for capturing attacks on IoT devices that use Universal Plug and Play (UPnP) protocol. A myriad of smart home devices including smart switches, smart bulbs, surveillance cameras, smart hubs, etc. uses the UPnP protocol. Indeed, a simple search on Shodan IoT search engine lists 1,676,591 UPnP devices that are exposed to public network. The popularity and ubiquitous nature of UPnP-based IoT device necessitates a full-fledged IoT honeypot system for UPnP devices. Our novel framework automatically creates a honeypot from UPnP device description documents and is extendable to any device types or vendors that use UPnP for communication. To the best of our knowledge, this is the first work towards a flexible and configurable honeypot framework for UPnP-based IoT devices. We released U-PoT under an open source license for further research on IoT security and created a database of UPnP device descriptions. We also evaluated our framework on two emulated deices. Our experiments show that the emulated devices are able to mimic the behavior of a real IoT device and trick vendor-provided device management applications or popular IoT search engines while having minimal performance ovherhead.},
keywords = {Honeypot/Honeynet, IoT Security},
pubstate = {published},
tppubtype = {conference}
}
The ubiquitous nature of the IoT devices has brought serious security implications to its users. A lot of consumer IoT devices have little to no security implementation at all, thus risking user's privacy and making them target of mass cyber-attacks. Indeed, recent outbreak of Mirai botnet and its variants have already proved the lack of security on the IoT world. Hence, it is important to understand the security issues and attack vectors in the IoT domain. Though significant research has been done to secure traditional computing systems, little focus was given to the IoT realm. In this work, we reduce this gap by developing a honeypot framework for IoT devices. Specifically, we introduce U-PoT: a novel honeypot framework for capturing attacks on IoT devices that use Universal Plug and Play (UPnP) protocol. A myriad of smart home devices including smart switches, smart bulbs, surveillance cameras, smart hubs, etc. uses the UPnP protocol. Indeed, a simple search on Shodan IoT search engine lists 1,676,591 UPnP devices that are exposed to public network. The popularity and ubiquitous nature of UPnP-based IoT device necessitates a full-fledged IoT honeypot system for UPnP devices. Our novel framework automatically creates a honeypot from UPnP device description documents and is extendable to any device types or vendors that use UPnP for communication. To the best of our knowledge, this is the first work towards a flexible and configurable honeypot framework for UPnP-based IoT devices. We released U-PoT under an open source license for further research on IoT security and created a database of UPnP device descriptions. We also evaluated our framework on two emulated deices. Our experiments show that the emulated devices are able to mimic the behavior of a real IoT device and trick vendor-provided device management applications or popular IoT search engines while having minimal performance ovherhead.
38.
Mumin Cebe, Enes Erdin, Kemal Akkaya, Hidayet Aksu, Selcuk Uluagac
Block4forensic: An integrated lightweight blockchain framework for forensics applications of connected vehicles Journal Article
IEEE Communications Magazine, 2018.
Abstract | Links | BibTeX | Tags: Blockchain Security, Forensics, IoT Security
@article{cebe2018block4forensic,
title = {Block4forensic: An integrated lightweight blockchain framework for forensics applications of connected vehicles},
author = {Mumin Cebe and Enes Erdin and Kemal Akkaya and Hidayet Aksu and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/8493118},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
journal = {IEEE Communications Magazine},
publisher = {IEEE},
abstract = {Today's vehicles are becoming cyber-physical systems that not only communicate with other vehicles but also gather various information from hundreds of sensors within them. These developments help create smart and connected (e.g., self-driving) vehicles that will introduce significant information to drivers, manufacturers, insurance companies, and maintenance service providers for various applications. One such application that is becoming crucial with the introduction of self-driving cars is forensic analysis of traffic accidents. The utilization of vehicle-related data can be instrumental in post-accident scenarios to discover the faulty party, particularly for self-driving vehicles. With the opportunity of being able to access various information in cars, we propose a permissioned blockchain framework among the various elements involved to manage the collected vehicle-related data. Specifically, we first integrate vehicular public key infrastructure (VPKI) to the proposed blockchain to provide membership establishment and privacy. Next, we design a fragmented ledger that will store detailed data related to vehicles such as maintenance information/ history, car diagnosis reports, and so on. The proposed forensic framework enables trustless, traceable, and privacy-aware post-accident analysis with minimal storage and processing overhead.},
keywords = {Blockchain Security, Forensics, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Today's vehicles are becoming cyber-physical systems that not only communicate with other vehicles but also gather various information from hundreds of sensors within them. These developments help create smart and connected (e.g., self-driving) vehicles that will introduce significant information to drivers, manufacturers, insurance companies, and maintenance service providers for various applications. One such application that is becoming crucial with the introduction of self-driving cars is forensic analysis of traffic accidents. The utilization of vehicle-related data can be instrumental in post-accident scenarios to discover the faulty party, particularly for self-driving vehicles. With the opportunity of being able to access various information in cars, we propose a permissioned blockchain framework among the various elements involved to manage the collected vehicle-related data. Specifically, we first integrate vehicular public key infrastructure (VPKI) to the proposed blockchain to provide membership establishment and privacy. Next, we design a fragmented ledger that will store detailed data related to vehicles such as maintenance information/ history, car diagnosis reports, and so on. The proposed forensic framework enables trustless, traceable, and privacy-aware post-accident analysis with minimal storage and processing overhead.
39.
Hidayet Aksu, A Selcuk Uluagac, Elizabeth S Bentley
Identification of wearable devices with bluetooth Journal Article
IEEE Transactions on Sustainable Computing Journal, 2018.
Abstract | Links | BibTeX | Tags: Fingerprinting, IoT Security
@article{AksuIdentificationIEEE,
title = {Identification of wearable devices with bluetooth},
author = {Hidayet Aksu and A Selcuk Uluagac and Elizabeth S Bentley},
url = {https://ieeexplore.ieee.org/document/8299447},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
journal = {IEEE Transactions on Sustainable Computing Journal},
publisher = {IEEE},
abstract = {With wearable devices such as smartwatches on the rise in the consumer electronics market, securing these wearables is vital. However, the current security mechanisms only focus on validating the user not the device itself. Indeed, wearables can be (1) unauthorized wearable devices with correct credentials accessing valuable systems and networks, (2) passive insiders or outsider wearable devices, or (3) information-leaking wearables devices. Fingerprinting via machine learning can provide necessary cyber threat intelligence to address all these cyber attacks. In this work, we introduce a wearable fingerprinting technique focusing on Bluetooth classic protocol, which is a common protocol used by the wearables and other IoT devices. Specifically, we propose a non-intrusive wearable device identification framework which utilizes 20 different Machine Learning (ML) algorithms in the training phase of the classification process and selects the best performing algorithm for the testing phase. Furthermore, we evaluate the performance of proposed wearable fingerprinting technique on real wearable devices, including various off-the-shelf smartwatches. Our evaluation demonstrates the feasibility of the proposed technique to provide reliable cyber threat intelligence. Specifically, our detailed accuracy results show on average 98.5 percent, 98.3 percent precision and recall for identifying wearables using the Bluetooth classic protocol.},
keywords = {Fingerprinting, IoT Security},
pubstate = {published},
tppubtype = {article}
}
With wearable devices such as smartwatches on the rise in the consumer electronics market, securing these wearables is vital. However, the current security mechanisms only focus on validating the user not the device itself. Indeed, wearables can be (1) unauthorized wearable devices with correct credentials accessing valuable systems and networks, (2) passive insiders or outsider wearable devices, or (3) information-leaking wearables devices. Fingerprinting via machine learning can provide necessary cyber threat intelligence to address all these cyber attacks. In this work, we introduce a wearable fingerprinting technique focusing on Bluetooth classic protocol, which is a common protocol used by the wearables and other IoT devices. Specifically, we propose a non-intrusive wearable device identification framework which utilizes 20 different Machine Learning (ML) algorithms in the training phase of the classification process and selects the best performing algorithm for the testing phase. Furthermore, we evaluate the performance of proposed wearable fingerprinting technique on real wearable devices, including various off-the-shelf smartwatches. Our evaluation demonstrates the feasibility of the proposed technique to provide reliable cyber threat intelligence. Specifically, our detailed accuracy results show on average 98.5 percent, 98.3 percent precision and recall for identifying wearables using the Bluetooth classic protocol.
40.
Samet Tonyali, Kemal Akkaya, Nico Saputro, A. Selcuk Uluagac, Mehrdad Nojoumian
Privacy-preserving protocols for secure and reliable data aggregation in IoT-enabled Smart Metering systems Journal Article
Future Generation Computer Systems journal, 2018.
Abstract | Links | BibTeX | Tags: IoT Security, Smart-grid Security
@article{TONYALI2018IoTdataAgreb,
title = {Privacy-preserving protocols for secure and reliable data aggregation in IoT-enabled Smart Metering systems},
author = {Samet Tonyali and Kemal Akkaya and Nico Saputro and A. Selcuk Uluagac and Mehrdad Nojoumian},
url = {https://www.sciencedirect.com/science/article/pii/S0167739X17306945},
doi = {https://doi.org/10.1016/j.future.2017.04.031},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
journal = {Future Generation Computer Systems journal},
abstract = {As the Internet of Things (IoT) gets more pervasive, its areas of usage expands. Smart Metering systems is such an IoT-enabled technology that enables convenient and high frequency data collection compared to existing metering systems. However, such a frequent data collection puts the consumers’ privacy in risk as it helps expose the consumers’ daily habits. Secure in-network data aggregation can be used to both preserve consumers’ privacy and reduce the packet traffic due to high frequency metering data. The privacy can be provided by performing the aggregation on concealed metering data. Fully homomorphic encryption (FHE) and secure multiparty computation (secure MPC) are the systems that enable performing multiple operations on concealed data. However, both FHE and secure MPC systems have some overhead in terms of data size or message complexity. The overhead is compounded in the IoT-enabled networks such as Smart Grid (SG) Advanced Metering Infrastructure (AMI). In this paper, we propose new protocols to adapt FHE and secure MPC to be deployed in SG AMI networks that are formed using wireless mesh networks. The proposed protocols conceal the smart meters’ (SMs) reading data by encrypting it (FHE) or computing its shares on a randomly generated polynomial (secure MPC). The encrypted data/computed shares are aggregated at some certain aggregator SM(s) up to the gateway of the network in a hierarchical manner without revealing the readings’ actual value. To assess their performance, we conducted extensive experiments using the ns-3 network simulator. The simulation results indicate that the secure MPC-based protocol can be a viable privacy-preserving data aggregation mechanism since it not only reduces the overhead with respect to FHE but also almost matches the performance of the Paillier cryptosystem when it is used within a proper sized AMI network.},
keywords = {IoT Security, Smart-grid Security},
pubstate = {published},
tppubtype = {article}
}
As the Internet of Things (IoT) gets more pervasive, its areas of usage expands. Smart Metering systems is such an IoT-enabled technology that enables convenient and high frequency data collection compared to existing metering systems. However, such a frequent data collection puts the consumers’ privacy in risk as it helps expose the consumers’ daily habits. Secure in-network data aggregation can be used to both preserve consumers’ privacy and reduce the packet traffic due to high frequency metering data. The privacy can be provided by performing the aggregation on concealed metering data. Fully homomorphic encryption (FHE) and secure multiparty computation (secure MPC) are the systems that enable performing multiple operations on concealed data. However, both FHE and secure MPC systems have some overhead in terms of data size or message complexity. The overhead is compounded in the IoT-enabled networks such as Smart Grid (SG) Advanced Metering Infrastructure (AMI). In this paper, we propose new protocols to adapt FHE and secure MPC to be deployed in SG AMI networks that are formed using wireless mesh networks. The proposed protocols conceal the smart meters’ (SMs) reading data by encrypting it (FHE) or computing its shares on a randomly generated polynomial (secure MPC). The encrypted data/computed shares are aggregated at some certain aggregator SM(s) up to the gateway of the network in a hierarchical manner without revealing the readings’ actual value. To assess their performance, we conducted extensive experiments using the ns-3 network simulator. The simulation results indicate that the secure MPC-based protocol can be a viable privacy-preserving data aggregation mechanism since it not only reduces the overhead with respect to FHE but also almost matches the performance of the Paillier cryptosystem when it is used within a proper sized AMI network.
41.
Amit Kumar Sikder, Abbas Acar, Hidayet Aksu, A. Selcuk Uluagac, Kemal Akkaya, Mauro Conti
IoT-enabled smart lighting systems for smart cities Conference Paper
In the Proceedings of the IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC), 2018.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security
@conference{Sikder2018Smartlightingb,
title = {IoT-enabled smart lighting systems for smart cities},
author = {Amit Kumar Sikder and Abbas Acar and Hidayet Aksu and A. Selcuk Uluagac and Kemal Akkaya and Mauro Conti},
url = {https://ieeexplore.ieee.org/abstract/document/8301744},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {In the Proceedings of the IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC)},
abstract = {Over the past few decades, the rate of urbanization has increased enormously. More enhanced services and applications are needed in urban areas to provide a better lifestyle. Smart city, which is a concept of interconnecting modern digital technologies in the context of a city, is a potential solution to enhance the quality and performance of urban services. With the introduction of Internet-of-Things (IoT) in the smart city, new opportunities have emerged to develop new services and integrate different application domains with each other using Information and Communication Technologies. However, to ensure seamless services in an IoT-enabled smart city environment, all the applications have to be maintained with limited energy resources. One of the core sectors that can be improved significantly by implementing IoT is the lighting system of a city since it consumes more energy than other parts of a city. In a smart city, the lighting system is integrated with advanced sensors and communication channels to obtain a Smart Lighting System (SLS). The goal of an SLS is to obtain an autonomous and more efficient lighting management system. In this paper, we provide an overview of the SLS and review different IoT-enabled communication protocols, which can be used to realize the SLS in the context of a smart city. Moreover, we analyzed different usage scenarios for IoT-enabled indoor and outdoor SLS and provide an analysis of the power consumption. Our results reveal that IoT-enabled smart lighting systems can reduce power consumption up to 33.33% in both indoor and outdoor settings. Finally, we discussed the future research directions in SLS in the smart city.},
keywords = {IoT Security, Network Security},
pubstate = {published},
tppubtype = {conference}
}
Over the past few decades, the rate of urbanization has increased enormously. More enhanced services and applications are needed in urban areas to provide a better lifestyle. Smart city, which is a concept of interconnecting modern digital technologies in the context of a city, is a potential solution to enhance the quality and performance of urban services. With the introduction of Internet-of-Things (IoT) in the smart city, new opportunities have emerged to develop new services and integrate different application domains with each other using Information and Communication Technologies. However, to ensure seamless services in an IoT-enabled smart city environment, all the applications have to be maintained with limited energy resources. One of the core sectors that can be improved significantly by implementing IoT is the lighting system of a city since it consumes more energy than other parts of a city. In a smart city, the lighting system is integrated with advanced sensors and communication channels to obtain a Smart Lighting System (SLS). The goal of an SLS is to obtain an autonomous and more efficient lighting management system. In this paper, we provide an overview of the SLS and review different IoT-enabled communication protocols, which can be used to realize the SLS in the context of a smart city. Moreover, we analyzed different usage scenarios for IoT-enabled indoor and outdoor SLS and provide an analysis of the power consumption. Our results reveal that IoT-enabled smart lighting systems can reduce power consumption up to 33.33% in both indoor and outdoor settings. Finally, we discussed the future research directions in SLS in the smart city.
42.
Halim Burak Yesilyurt, Hidayet Aksu, Selcuk Uluagac, Raheem Beyah
SOTA: Secure Over-the-Air Programming of IoT Devices Conference Paper
In the Proceedings of the IEEE Military Communications Conference (MILCOM), 2018.
Abstract | Links | BibTeX | Tags: IoT Security
@conference{Yesilyurt2018SOTAb,
title = {SOTA: Secure Over-the-Air Programming of IoT Devices},
author = {Halim Burak Yesilyurt and Hidayet Aksu and Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/8599705},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {In the Proceedings of the IEEE Military Communications Conference (MILCOM)},
abstract = {The emerging Internet of Things (IoT) devices introduced many useful applications that are utilized in our daily lives, scientific research, and military operations. In these applications, secure over the air programming of IoT devices is vital as the devices can be re-programmed by hackers and the firmware can be stolen by eavesdropping a live firmware distribution operation. Nonetheless, as most of the IoT devices have limited computational resources (e.g., memory, CPU, storage), over-the-air programming of IoT devices necessitates efficient utilization of the resources. In this work, to address these concerns and provide a more efficient and secure code-dissemination process, a novel secure over-the-air programming framework called SOTA is introduced, which is also designed as an open-source framework and available for the research and developer communities. SOTA provides confidentiality, integrity, and authentication to resource-limited IoT devices in order to protect the firmware from adversaries. Furthermore, we perform extensive performance evaluations on real resource-limited IoT devices with Atmel-based microcontrollers. Evaluations revealed that SOTA has minimal performance and memory overhead on the IoT devices. SOTA is a promising solution to provide an over-the-air code dissemination protocol with security to resource-limited IoT devices in both military and civilian settings.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {conference}
}
The emerging Internet of Things (IoT) devices introduced many useful applications that are utilized in our daily lives, scientific research, and military operations. In these applications, secure over the air programming of IoT devices is vital as the devices can be re-programmed by hackers and the firmware can be stolen by eavesdropping a live firmware distribution operation. Nonetheless, as most of the IoT devices have limited computational resources (e.g., memory, CPU, storage), over-the-air programming of IoT devices necessitates efficient utilization of the resources. In this work, to address these concerns and provide a more efficient and secure code-dissemination process, a novel secure over-the-air programming framework called SOTA is introduced, which is also designed as an open-source framework and available for the research and developer communities. SOTA provides confidentiality, integrity, and authentication to resource-limited IoT devices in order to protect the firmware from adversaries. Furthermore, we perform extensive performance evaluations on real resource-limited IoT devices with Atmel-based microcontrollers. Evaluations revealed that SOTA has minimal performance and memory overhead on the IoT devices. SOTA is a promising solution to provide an over-the-air code dissemination protocol with security to resource-limited IoT devices in both military and civilian settings.
43.
Hidayet Aksu, Leonardo Babun, Mauro Conti, Gabriele Tolomei, A. Selcuk Uluagac
Advertising in the IoT Era: Vision and Challenges Journal Article
IEEE Communications Magazine, 2018.
Abstract | Links | BibTeX | Tags: IoT Security
@article{Akkaya2018IoTAdvb,
title = {Advertising in the IoT Era: Vision and Challenges},
author = {Hidayet Aksu and Leonardo Babun and Mauro Conti and Gabriele Tolomei and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8337812},
doi = {10.1109/MCOM.2017.1700871},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
journal = {IEEE Communications Magazine},
abstract = {The IoT extends the idea of interconnecting computers to a plethora of different devices, collectively referred to as smart devices. These are physical items, that is, "things", such as wearable devices, home appliances, and vehicles, enriched with computational and networking capabilities. Due to the huge set of devices involved, and therefore its pervasiveness, IoT is a great platform to leverage for building new applications and services or extending existing ones. In this regard, expanding online advertising into the IoT realm is an under-investigated yet promising research direction, especially considering that the traditional Internet advertising market is already worth hundreds of billions of dollars. In this article, we first propose the architecture of an IoT advertising platform inspired by the well known business ecosystem, which the traditional Internet advertising is based on. Additionally, we discuss the key challenges to implement such a platform, with a special focus on issues related to architecture, advertisement content delivery, security, and privacy of the users.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
The IoT extends the idea of interconnecting computers to a plethora of different devices, collectively referred to as smart devices. These are physical items, that is, "things", such as wearable devices, home appliances, and vehicles, enriched with computational and networking capabilities. Due to the huge set of devices involved, and therefore its pervasiveness, IoT is a great platform to leverage for building new applications and services or extending existing ones. In this regard, expanding online advertising into the IoT realm is an under-investigated yet promising research direction, especially considering that the traditional Internet advertising market is already worth hundreds of billions of dollars. In this article, we first propose the architecture of an IoT advertising platform inspired by the well known business ecosystem, which the traditional Internet advertising is based on. Additionally, we discuss the key challenges to implement such a platform, with a special focus on issues related to architecture, advertisement content delivery, security, and privacy of the users.
44.
Amit Kumar Sikder, Hidayet Aksu, A Selcuk Uluagac
{6thSense}: A context-aware sensor-based attack detector for smart devices Conference Paper
In the Proceedings of the 26th USENIX Security Symposium (USENIX Security 17), 2017.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@conference{Sikder6thSenseUSENIX,
title = {{6thSense}: A context-aware sensor-based attack detector for smart devices},
author = {Amit Kumar Sikder and Hidayet Aksu and A Selcuk Uluagac},
url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/sikder},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
booktitle = {In the Proceedings of the 26th USENIX Security Symposium (USENIX Security 17)},
abstract = {Sensors (e.g., light, gyroscope, accelerometer) and sensing enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor API. In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users’ sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this paper, we propose 6thSense, a context-aware intrusion detection system which enhances the security of smart devices by observing changes in sensor data for different tasks of users and creating a contextual model to distinguish benign and malicious behavior of sensors. 6thSense utilizes three different Machine Learning-based detection mechanisms (i.e., Markov Chain, Naive Bayes, and LMT) to detect malicious behavior associated with sensors. We implemented 6thSense on a sensor-rich Android smart device (i.e., smartphone) and collected data from typical daily activities of 50 real users. Furthermore, we evaluated the performance of 6thSense against three sensor-based threats: (1) a malicious App that can be triggered via a sensor (e.g., light), (2) a malicious App that can leak information via a sensor, and (3) a malicious App that can steal data using sensors. Our extensive evaluations show that the 6thSense framework is an effective and practical approach to defeat growing sensor-based threats with an accuracy above 96% without compromising the normal functionality of the device. Moreover, our framework costs minimal overhead.},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Sensors (e.g., light, gyroscope, accelerometer) and sensing enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor API. In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users’ sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this paper, we propose 6thSense, a context-aware intrusion detection system which enhances the security of smart devices by observing changes in sensor data for different tasks of users and creating a contextual model to distinguish benign and malicious behavior of sensors. 6thSense utilizes three different Machine Learning-based detection mechanisms (i.e., Markov Chain, Naive Bayes, and LMT) to detect malicious behavior associated with sensors. We implemented 6thSense on a sensor-rich Android smart device (i.e., smartphone) and collected data from typical daily activities of 50 real users. Furthermore, we evaluated the performance of 6thSense against three sensor-based threats: (1) a malicious App that can be triggered via a sensor (e.g., light), (2) a malicious App that can leak information via a sensor, and (3) a malicious App that can steal data using sensors. Our extensive evaluations show that the 6thSense framework is an effective and practical approach to defeat growing sensor-based threats with an accuracy above 96% without compromising the normal functionality of the device. Moreover, our framework costs minimal overhead.
45.
Nico Saputro, Ali Ihsan Yurekli, Kemal Akkaya, Selcuk Uluagac
Privacy preservation for IoT used in smart buildings Journal Article
Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations, 2016.
Abstract | Links | BibTeX | Tags: IoT Security, Privacy Preserving, Smart Home Security
@article{SaputroPrivacyIOT,
title = {Privacy preservation for IoT used in smart buildings},
author = {Nico Saputro and Ali Ihsan Yurekli and Kemal Akkaya and Selcuk Uluagac},
url = {https://www.sciencedirect.com/science/article/pii/S0167739X23001322},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
journal = {Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations},
abstract = {Smart Buildings (SBs) employ the latest IoT technologies to automate building operations and services with the objective of increasing operational efficiency, maximising occupant comfort, and minimising environmental impact. However, these smart devices – mostly cloud-based – can capture and share a variety of sensitive and private data about the occupants, exposing them to various privacy threats. Given the non-intrusive nature of these devices, individuals typically have little or no awareness of the data being collected about them. Even if they do and claim to care about their privacy, they fail to take the necessary steps to safeguard it due to the convenience offered by the IoT devices. This discrepancy between user attitude and actual behaviour is known as the ‘privacy paradox’. To address this tension between data privacy, consent and convenience, this paper proposes a novel solution for informed consent management in shared smart spaces. Our proposed Informed Consent Management Engine (ICME) (a) increases user awareness about the data being collected by the IoT devices in the SB environment, (b) provides fine-grained visibility into privacy conformance and compliance by these devices, and (c) enables informed and confident privacy decision-making, through digital nudging. This study provides a reference architecture for ICME that can be used to implement diverse end-user consent management solutions for smart buildings. A proof-of-concept prototype is also implemented to demonstrate how ICME works in a shared smart workplace. Our proposed solution is validated by conducting expert interviews with 15 highly experienced industry professionals and academic researchers to understand the strengths, limitations, and potential improvements of the proposed system.},
keywords = {IoT Security, Privacy Preserving, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
Smart Buildings (SBs) employ the latest IoT technologies to automate building operations and services with the objective of increasing operational efficiency, maximising occupant comfort, and minimising environmental impact. However, these smart devices – mostly cloud-based – can capture and share a variety of sensitive and private data about the occupants, exposing them to various privacy threats. Given the non-intrusive nature of these devices, individuals typically have little or no awareness of the data being collected about them. Even if they do and claim to care about their privacy, they fail to take the necessary steps to safeguard it due to the convenience offered by the IoT devices. This discrepancy between user attitude and actual behaviour is known as the ‘privacy paradox’. To address this tension between data privacy, consent and convenience, this paper proposes a novel solution for informed consent management in shared smart spaces. Our proposed Informed Consent Management Engine (ICME) (a) increases user awareness about the data being collected by the IoT devices in the SB environment, (b) provides fine-grained visibility into privacy conformance and compliance by these devices, and (c) enables informed and confident privacy decision-making, through digital nudging. This study provides a reference architecture for ICME that can be used to implement diverse end-user consent management solutions for smart buildings. A proof-of-concept prototype is also implemented to demonstrate how ICME works in a shared smart workplace. Our proposed solution is validated by conducting expert interviews with 15 highly experienced industry professionals and academic researchers to understand the strengths, limitations, and potential improvements of the proposed system.
46.
Shruthi Ravichandran, Ramalingam K Chandrasekar, A Selcuk Uluagac, Raheem Beyah
A simple visualization and programming framework for wireless sensor networks: PROVIZ Journal Article
Ad Hoc Networks Journal, 2016.
Abstract | Links | BibTeX | Tags: IoT Security
@article{RavichandranPROVIZElsevier,
title = {A simple visualization and programming framework for wireless sensor networks: PROVIZ},
author = {Shruthi Ravichandran and Ramalingam K Chandrasekar and A Selcuk Uluagac and Raheem Beyah},
url = {https://www.sciencedirect.com/science/article/pii/S1570870516301639},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
journal = {Ad Hoc Networks Journal},
publisher = {Elsevier},
abstract = {Wireless Sensor Networks (WSNs) are rapidly gaining popularity in various critical domains like health care, critical infrastructure, and climate monitoring, where application builders have diversified development needs for programming, visualization, and simulation tools. However, these tools are designed as separate stand-alone applications. To avoid the complexity of using multiple tools, we have designed a new extensible, multi-platform, scalable, and open-source framework called PROVIZ. PROVIZ is an integrated visualization and programming framework with the following features: PROVIZ includes (1) a visualization tool that can visualize heterogeneous WSN traffic (with different packet payload formats) by parsing the data received either from a packet sniffer (e.g., a sensor-based sniffer or a commercial TI SmartRF 802.15.4 packet sniffer) or from a simulator (e.g., OMNeT); (2) a scripting language based on the TinyOS sensor network platform that aims at reducing code size and improving programming efficacy; (3) an over-the-air programming tool to securely program sensor nodes; (4) a visual programming tool with basic sensor drag-and-drop modules for generating simple WSN programs; and (5) a visual network comparison tool that analyzes packet traces of two networks to generate a juxtaposed visual comparison of contrasting network characteristics. PROVIZ also includes built-in extensible visual demo deployment capabilities that allow users to quickly craft network scenarios and share them with other users. In this work, we introduce the various features of PROVIZ’s visualization and programming framework, analyze test scenarios, and discuss how all the tools can be used in sync with each other to create an all-encompassing development and test environment.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
Wireless Sensor Networks (WSNs) are rapidly gaining popularity in various critical domains like health care, critical infrastructure, and climate monitoring, where application builders have diversified development needs for programming, visualization, and simulation tools. However, these tools are designed as separate stand-alone applications. To avoid the complexity of using multiple tools, we have designed a new extensible, multi-platform, scalable, and open-source framework called PROVIZ. PROVIZ is an integrated visualization and programming framework with the following features: PROVIZ includes (1) a visualization tool that can visualize heterogeneous WSN traffic (with different packet payload formats) by parsing the data received either from a packet sniffer (e.g., a sensor-based sniffer or a commercial TI SmartRF 802.15.4 packet sniffer) or from a simulator (e.g., OMNeT); (2) a scripting language based on the TinyOS sensor network platform that aims at reducing code size and improving programming efficacy; (3) an over-the-air programming tool to securely program sensor nodes; (4) a visual programming tool with basic sensor drag-and-drop modules for generating simple WSN programs; and (5) a visual network comparison tool that analyzes packet traces of two networks to generate a juxtaposed visual comparison of contrasting network characteristics. PROVIZ also includes built-in extensible visual demo deployment capabilities that allow users to quickly craft network scenarios and share them with other users. In this work, we introduce the various features of PROVIZ’s visualization and programming framework, analyze test scenarios, and discuss how all the tools can be used in sync with each other to create an all-encompassing development and test environment.
47.
Spencer Michaels, Kemal Akkaya, A. Selcuk Uluagac
Inducing data loss in Zigbee networks via join/association handshake spoofing Conference Paper
In the Proceedings of the IEEE Conference on Communications and Network Security (CNS), 2016.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security
@conference{MichaelsZigbeeIEEECNS,
title = {Inducing data loss in Zigbee networks via join/association handshake spoofing},
author = {Spencer Michaels and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/7860527},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
booktitle = {In the Proceedings of the IEEE Conference on Communications and Network Security (CNS)},
abstract = {Zigbee is an IEEE 802.15.4-based specification for low-power wireless mesh networks. Being a protocol with several known vulnerabilities, it continues to attract extensive research interest due to its potential applications in the Internet-of-Things (IoT). One of Zigbee's weak points lies in the network coordinator's initial handshake with a joining device, which is unencrypted. Our paper proposes a denial-of-service attack which exploits this fact to convince an end device to send its data to a rogue device on a different channel rather than the actual coordinator. Because the resource limitations of Zigbee devices generally preclude permanent storage, this is likely to result in loss of the transmitted data. We successfully demonstrate our attack and propose a solution that uses challenge-response based authentication to mitigate the attack.},
keywords = {IoT Security, Network Security},
pubstate = {published},
tppubtype = {conference}
}
Zigbee is an IEEE 802.15.4-based specification for low-power wireless mesh networks. Being a protocol with several known vulnerabilities, it continues to attract extensive research interest due to its potential applications in the Internet-of-Things (IoT). One of Zigbee's weak points lies in the network coordinator's initial handshake with a joining device, which is unencrypted. Our paper proposes a denial-of-service attack which exploits this fact to convince an end device to send its data to a rogue device on a different channel rather than the actual coordinator. Because the resource limitations of Zigbee devices generally preclude permanent storage, this is likely to result in loss of the transmitted data. We successfully demonstrate our attack and propose a solution that uses challenge-response based authentication to mitigate the attack.
48.
A. Selcuk Uluagac, Raheem A. Beyah, John A. Copeland
Secure SOurce-BAsed Loose Synchronization (SOBAS) for Wireless Sensor Networks Journal Article
In proceedings of IEEE Transactions on Parallel and Distributed Systems, 2013.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@article{UluagacSOBASIEEE2013,
title = {Secure SOurce-BAsed Loose Synchronization (SOBAS) for Wireless Sensor Networks},
author = {A. Selcuk Uluagac and Raheem A. Beyah and John A. Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/6216359},
doi = {10.1109/TPDS.2012.170},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
journal = {In proceedings of IEEE Transactions on Parallel and Distributed Systems},
abstract = {We present the Secure SOurce-BAsed Loose Synchronization (SOBAS) protocol to securely synchronize the events in the network, without the transmission of explicit synchronization control messages. In SOBAS, nodes use their local time values as a one-time dynamic key to encrypt each message. In this way, SOBAS provides an effective dynamic en-route filtering mechanism, where the malicious data is filtered from the network. With SOBAS, we are able to achieve our main goal of synchronizing events at the sink as quickly, as accurately, and as surreptitiously as possible. With loose synchronization, SOBAS reduces the number of control messages needed for a WSN to operate providing the key benefits of reduced energy consumption as well as reducing the opportunity for malicious nodes to eavesdrop, intercept, or be made aware of the presence of the network. Albeit a loose synchronization per se, SOBAS is also able to provide (7.24μ)s clock precision given today's sensor technology, which is much better than other comparable schemes (schemes that do not employ GPS devices). Also, we show that by recognizing the need for and employing loose time synchronization, necessary synchronization can be provided to the WSN application using half of the energy needed for traditional schemes. Both analytical and simulation results are presented to verify the feasibility of SOBAS as well as the energy consumption of the scheme under normal operation and attack from malicious nodes.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {article}
}
We present the Secure SOurce-BAsed Loose Synchronization (SOBAS) protocol to securely synchronize the events in the network, without the transmission of explicit synchronization control messages. In SOBAS, nodes use their local time values as a one-time dynamic key to encrypt each message. In this way, SOBAS provides an effective dynamic en-route filtering mechanism, where the malicious data is filtered from the network. With SOBAS, we are able to achieve our main goal of synchronizing events at the sink as quickly, as accurately, and as surreptitiously as possible. With loose synchronization, SOBAS reduces the number of control messages needed for a WSN to operate providing the key benefits of reduced energy consumption as well as reducing the opportunity for malicious nodes to eavesdrop, intercept, or be made aware of the presence of the network. Albeit a loose synchronization per se, SOBAS is also able to provide (7.24μ)s clock precision given today's sensor technology, which is much better than other comparable schemes (schemes that do not employ GPS devices). Also, we show that by recognizing the need for and employing loose time synchronization, necessary synchronization can be provided to the WSN application using half of the energy needed for traditional schemes. Both analytical and simulation results are presented to verify the feasibility of SOBAS as well as the energy consumption of the scheme under normal operation and attack from malicious nodes.
49.
Ramalingam K. Chandrasekar, A. Selcuk Uluagac, Raheem Beyah
PROVIZ: An integrated visualization and programming framework for WSNs Conference Paper
In the proceedings of the 38th Annual IEEE Conference on ALocal Computer Networks Workshops (LCN Workshops), 2013.
Abstract | Links | BibTeX | Tags: IoT Security, Security Visualization
@conference{ChandrasekarPROVIZIEEE2013,
title = {PROVIZ: An integrated visualization and programming framework for WSNs},
author = {Ramalingam K. Chandrasekar and A. Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6758511/},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of the 38th Annual IEEE Conference on ALocal Computer Networks Workshops (LCN Workshops)},
abstract = {Wireless Sensor Networks (WSNs) are rapidly gaining popularity in various critical domains like health care, critical infrastructure, and climate monitoring, where application builders have diversified development needs. Independent of the functionalities provided by the WSN applications, many of the developers use visualization, simulation, and programming tools. However, these tools are designed as separate stand-alone applications, which force developers to use multiple tools. This situation often poses confusion and hampers an efficient development experience. To avoid the complexity of using multiple tools, we have designed a new extensible, multi-platform, scalable, and open-source framework called PROVIZ, which is an integrated visualization and programming framework. In this paper, we explain the various features of PROVIZ's visualization and programming framework and discuss how PROVIZ can be used as a visual debugging tool to aid in providing a software fix.},
keywords = {IoT Security, Security Visualization},
pubstate = {published},
tppubtype = {conference}
}
Wireless Sensor Networks (WSNs) are rapidly gaining popularity in various critical domains like health care, critical infrastructure, and climate monitoring, where application builders have diversified development needs. Independent of the functionalities provided by the WSN applications, many of the developers use visualization, simulation, and programming tools. However, these tools are designed as separate stand-alone applications, which force developers to use multiple tools. This situation often poses confusion and hampers an efficient development experience. To avoid the complexity of using multiple tools, we have designed a new extensible, multi-platform, scalable, and open-source framework called PROVIZ, which is an integrated visualization and programming framework. In this paper, we explain the various features of PROVIZ's visualization and programming framework and discuss how PROVIZ can be used as a visual debugging tool to aid in providing a software fix.
50.
Marco Valero, A. Selcuk Uluagac, S. Venkatachalam, K. C. Ramalingam, Raheem Beyah
The Monitoring Core: A framework for sensor security application development Conference Paper
In the proceedings of the IEEE 9th International Conference on Mobile Adhoc and Sensor Systems (MASS) , 2012.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{ValeroMonitoringCoreIEEE2012,
title = {The Monitoring Core: A framework for sensor security application development},
author = {Marco Valero, A. Selcuk Uluagac, S. Venkatachalam, K. C. Ramalingam and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6502525/},
year = {2012},
date = {2012-01-01},
urldate = {2012-01-01},
booktitle = {In the proceedings of the IEEE 9th International Conference on Mobile Adhoc and Sensor Systems (MASS)
},
abstract = {Wireless sensor networks (WSNs) are used for the monitoring of physical and environmental phenomena, and applicable in a range of different domains (e.g., health care, military, critical infrastructure). When using WSNs in a variety of real-world applications, security is a vital problem that should be considered by developers. As the development of security applications (SAs) for WSNs require meticulous procedures and operations, the software implementation process can be more challenging than regular applications. Hence, in an effort to facilitate the design, development and implementation of WSN security applications, we introduce the Monitoring Core (M-Core). The M-Core is a modular, lightweight, and extensible software layer that gathers necessary data including the internal and the external status of the sensor (e.g., information about ongoing communications, neighbors, and sensing), and provides relevant information for the development of new SAs. Similar to other software development tools, the M-Core was developed to facilitate the design and development of new WSN SAs on different platforms. Moreover, a new user-friendly domain-specific language, the M-Core Control Language (MCL), was developed to further facilitate the use of the M-Core and reduce the developer's coding time. With the MCL, a user can implement new SAs without the overhead of learning the details of the underlying sensor software architecture (e.g., TinyOS). The M-Core has been implemented in TinyOS-2.x and tested on real sensors (Tmote Sky and MicaZ). Using the M-Core architecture, we implemented several SAs to show that the M-Core allows easy and rapid development of security programs efficiently and effectively.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Wireless sensor networks (WSNs) are used for the monitoring of physical and environmental phenomena, and applicable in a range of different domains (e.g., health care, military, critical infrastructure). When using WSNs in a variety of real-world applications, security is a vital problem that should be considered by developers. As the development of security applications (SAs) for WSNs require meticulous procedures and operations, the software implementation process can be more challenging than regular applications. Hence, in an effort to facilitate the design, development and implementation of WSN security applications, we introduce the Monitoring Core (M-Core). The M-Core is a modular, lightweight, and extensible software layer that gathers necessary data including the internal and the external status of the sensor (e.g., information about ongoing communications, neighbors, and sensing), and provides relevant information for the development of new SAs. Similar to other software development tools, the M-Core was developed to facilitate the design and development of new WSN SAs on different platforms. Moreover, a new user-friendly domain-specific language, the M-Core Control Language (MCL), was developed to further facilitate the use of the M-Core and reduce the developer's coding time. With the MCL, a user can implement new SAs without the overhead of learning the details of the underlying sensor software architecture (e.g., TinyOS). The M-Core has been implemented in TinyOS-2.x and tested on real sensors (Tmote Sky and MicaZ). Using the M-Core architecture, we implemented several SAs to show that the M-Core allows easy and rapid development of security programs efficiently and effectively.
51.
KC Ramalingam, Venkatachalam Subramanian, Selcuk Uluagac, Raheem Beyah
SIMAGE: Secure and Link-Quality Cognizant Image Distribution for wireless sensor networks Conference Paper
In the proceedings of IEEE Global Communications Conference (GLOBECOM), 2012.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{RamalingamSimageIEEE2012,
title = {SIMAGE: Secure and Link-Quality Cognizant Image Distribution for wireless sensor networks},
author = {KC Ramalingam, Venkatachalam Subramanian, Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6503181/},
year = {2012},
date = {2012-01-01},
urldate = {2012-01-01},
booktitle = {In the proceedings of IEEE Global Communications Conference (GLOBECOM)},
abstract = {Wireless sensor networks (WSNs) are used in a range of critical domains (e.g., health care, military, critical infrastructure) where it is necessary that the nodes be reprogrammed with a new or modified code image without removing them from the deployment area. Various protocols have been developed for the dissemination of code images between sensors in multi-hop WSNs, where these sensor nodes may have varying levels of link quality. However, the code dissemination process in these protocols is hindered by the nodes with poor link quality. This results in an increased number of retransmissions and code dissemination time. Also, in several of the techniques, the code dissemination process is not secure and can be eavesdropped or disrupted by a malicious wireless sensor node in the transmission range. In this paper, we propose a simple approach, Secure and Link-Quality Cognizant Image Distribution (SIMAGE), to enhance the existing code dissemination protocol using the available resources in the sensors. Specifically, our approach adapts to the varying link conditions via dynamic packet sizing to reduce the number of retransmissions and overall code dissemination time. Our approach also provides confidentiality and integrity to the code dissemination process by utilizing energy-efficient encryption and authentication mechanisms with RC4 and the CBC-MAC. We have evaluated SIMAGE in a network of real sensors and the results show that adjusting the packet size as a function of link quality reduces the retransmitted data by 93% and the image transmission time by 35% when compared to the existing code dissemination protocols. The trade-offs between reliability, security overhead, and overall transmission time for SIMAGE are also discussed.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Wireless sensor networks (WSNs) are used in a range of critical domains (e.g., health care, military, critical infrastructure) where it is necessary that the nodes be reprogrammed with a new or modified code image without removing them from the deployment area. Various protocols have been developed for the dissemination of code images between sensors in multi-hop WSNs, where these sensor nodes may have varying levels of link quality. However, the code dissemination process in these protocols is hindered by the nodes with poor link quality. This results in an increased number of retransmissions and code dissemination time. Also, in several of the techniques, the code dissemination process is not secure and can be eavesdropped or disrupted by a malicious wireless sensor node in the transmission range. In this paper, we propose a simple approach, Secure and Link-Quality Cognizant Image Distribution (SIMAGE), to enhance the existing code dissemination protocol using the available resources in the sensors. Specifically, our approach adapts to the varying link conditions via dynamic packet sizing to reduce the number of retransmissions and overall code dissemination time. Our approach also provides confidentiality and integrity to the code dissemination process by utilizing energy-efficient encryption and authentication mechanisms with RC4 and the CBC-MAC. We have evaluated SIMAGE in a network of real sensors and the results show that adjusting the packet size as a function of link quality reduces the retransmitted data by 93% and the image transmission time by 35% when compared to the existing code dissemination protocols. The trade-offs between reliability, security overhead, and overall transmission time for SIMAGE are also discussed.
52.
Marco Valero, Sang Shin Jung, A. Selcuk Uluagac, Yingshu Li, Raheem Beyah
Di-Sec: A distributed security framework for heterogeneous Wireless Sensor Networks Conference Paper
In the proceedings IEEE International Conference on Computer Communications (INFOCOM), 2012.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{ValeroDi-SecIEEE2012,
title = {Di-Sec: A distributed security framework for heterogeneous Wireless Sensor Networks},
author = {Marco Valero and Sang Shin Jung and A. Selcuk Uluagac and Yingshu Li and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6195801/},
year = {2012},
date = {2012-01-01},
urldate = {2012-01-01},
booktitle = {In the proceedings IEEE International Conference on Computer Communications (INFOCOM)},
abstract = {Wireless Sensor Networks (WSNs) are deployed for monitoring in a range of critical domains (e.g., health care, military, critical infrastructure). Accordingly, these WSNs should be resilient to attacks. The current approach to defending against malicious threats is to develop and deploy a specific defense mechanism for a specific attack. However, the problem with this traditional approach to defending sensor networks is that the solution for the Jamming attack does not defend against other attacks (e.g., Sybil and Selective Forwarding). In reality, one cannot know a priori what type of attack an adversary will launch. This work addresses the challenges with the traditional approach to securing sensor networks and presents a comprehensive framework, Di-Sec, that can defend against all known and forthcoming attacks. At the heart of Di-Sec lies the monitoring core (M-Core), which is an extensible and lightweight layer that gathers statistics relevant for the defense mechanisms. The M-Core allows for the monitoring of both internal and external threats and supports the execution of multiple detection and defense mechanisms (DDMs) against different threats in parallel. Along with Di-Sec, a new user-friendly domain-specific language was developed, the M-Core Control Language (MCL). Using the MCL, a user can implement new defense mechanisms without the overhead of learning the details of the underlying software architecture (i.e., TinyOS, Di-Sec). Hence, the MCL expedites the development of sensor defense mechanisms by significantly simplifying the coding process for developers. The Di-Sec framework has been implemented and tested on real sensors to evaluate its feasibility and performance. Our evaluation of memory, communication, and sensing components shows that Di-Sec is feasible on today's resource-limited sensors and has a nominal overhead. Furthermore, we illustrate the basic functionality of Di-Sec by implementing and simultaneously executing DDMs for attacks at various layers of the communication stack (i.e., Jamming, Selective Forwarding, Sybil, and Internal attacks).},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Wireless Sensor Networks (WSNs) are deployed for monitoring in a range of critical domains (e.g., health care, military, critical infrastructure). Accordingly, these WSNs should be resilient to attacks. The current approach to defending against malicious threats is to develop and deploy a specific defense mechanism for a specific attack. However, the problem with this traditional approach to defending sensor networks is that the solution for the Jamming attack does not defend against other attacks (e.g., Sybil and Selective Forwarding). In reality, one cannot know a priori what type of attack an adversary will launch. This work addresses the challenges with the traditional approach to securing sensor networks and presents a comprehensive framework, Di-Sec, that can defend against all known and forthcoming attacks. At the heart of Di-Sec lies the monitoring core (M-Core), which is an extensible and lightweight layer that gathers statistics relevant for the defense mechanisms. The M-Core allows for the monitoring of both internal and external threats and supports the execution of multiple detection and defense mechanisms (DDMs) against different threats in parallel. Along with Di-Sec, a new user-friendly domain-specific language was developed, the M-Core Control Language (MCL). Using the MCL, a user can implement new defense mechanisms without the overhead of learning the details of the underlying software architecture (i.e., TinyOS, Di-Sec). Hence, the MCL expedites the development of sensor defense mechanisms by significantly simplifying the coding process for developers. The Di-Sec framework has been implemented and tested on real sensors to evaluate its feasibility and performance. Our evaluation of memory, communication, and sensing components shows that Di-Sec is feasible on today's resource-limited sensors and has a nominal overhead. Furthermore, we illustrate the basic functionality of Di-Sec by implementing and simultaneously executing DDMs for attacks at various layers of the communication stack (i.e., Jamming, Selective Forwarding, Sybil, and Internal attacks).
53.
A. Selcuk Uluagac, Raheem A. Beyah, Yingshu Li, John A. Copeland
VEBEK: Virtual Energy-Based Encryption and Keying for Wireless Sensor Networks Journal Article
IEEE Transactions on Mobile Computing Journal, 2010.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@article{UluagacVEBEKIEEE2010,
title = {VEBEK: Virtual Energy-Based Encryption and Keying for Wireless Sensor Networks},
author = {A. Selcuk Uluagac, Raheem A. Beyah, Yingshu Li and John A. Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/5438995/},
doi = {10.1109/TMC.2010.51},
year = {2010},
date = {2010-01-01},
urldate = {2010-01-01},
journal = {IEEE Transactions on Mobile Computing Journal},
abstract = {Designing cost-efficient, secure network protocols for Wireless Sensor Networks (WSNs) is a challenging problem because sensors are resource-limited wireless devices. Since the communication cost is the most dominant factor in a sensor's energy consumption, we introduce an energy-efficient Virtual Energy-Based Encryption and Keying (VEBEK) scheme for WSNs that significantly reduces the number of transmissions needed for rekeying to avoid stale keys. In addition to the goal of saving energy, minimal transmission is imperative for some military applications of WSNs where an adversary could be monitoring the wireless spectrum. VEBEK is a secure communication framework where sensed data is encoded using a scheme based on a permutation code generated via the RC4 encryption mechanism. The key to the RC4 encryption mechanism dynamically changes as a function of the residual virtual energy of the sensor. Thus, a one-time dynamic key is employed for one packet only and different keys are used for the successive packets of the stream. The intermediate nodes along the path to the sink are able to verify the authenticity and integrity of the incoming packets using a predicted value of the key generated by the sender's virtual energy, thus requiring no need for specific rekeying messages. VEBEK is able to efficiently detect and filter false data injected into the network by malicious outsiders. The VEBEK framework consists of two operational modes (VEBEK-I and VEBEK-II), each of which is optimal for different scenarios. In VEBEK-I, each node monitors its one-hop neighbors where VEBEK-II statistically monitors downstream nodes. We have evaluated VEBEK's feasibility and performance analytically and through simulations. Our results show that VEBEK, without incurring transmission overhead (increasing packet size or sending control messages for rekeying), is able to eliminate malicious data from the network in an energy-efficient manner. We also show that our framework performs better than other comparable schemes in the literature with an overall 60-100 percent improvement in energy savings without the assumption of a reliable medium access control layer.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {article}
}
Designing cost-efficient, secure network protocols for Wireless Sensor Networks (WSNs) is a challenging problem because sensors are resource-limited wireless devices. Since the communication cost is the most dominant factor in a sensor's energy consumption, we introduce an energy-efficient Virtual Energy-Based Encryption and Keying (VEBEK) scheme for WSNs that significantly reduces the number of transmissions needed for rekeying to avoid stale keys. In addition to the goal of saving energy, minimal transmission is imperative for some military applications of WSNs where an adversary could be monitoring the wireless spectrum. VEBEK is a secure communication framework where sensed data is encoded using a scheme based on a permutation code generated via the RC4 encryption mechanism. The key to the RC4 encryption mechanism dynamically changes as a function of the residual virtual energy of the sensor. Thus, a one-time dynamic key is employed for one packet only and different keys are used for the successive packets of the stream. The intermediate nodes along the path to the sink are able to verify the authenticity and integrity of the incoming packets using a predicted value of the key generated by the sender's virtual energy, thus requiring no need for specific rekeying messages. VEBEK is able to efficiently detect and filter false data injected into the network by malicious outsiders. The VEBEK framework consists of two operational modes (VEBEK-I and VEBEK-II), each of which is optimal for different scenarios. In VEBEK-I, each node monitors its one-hop neighbors where VEBEK-II statistically monitors downstream nodes. We have evaluated VEBEK's feasibility and performance analytically and through simulations. Our results show that VEBEK, without incurring transmission overhead (increasing packet size or sending control messages for rekeying), is able to eliminate malicious data from the network in an energy-efficient manner. We also show that our framework performs better than other comparable schemes in the literature with an overall 60-100 percent improvement in energy savings without the assumption of a reliable medium access control layer.
54.
Selcuk Uluagac, Raheem A. Beyah, John A. Copeland
Time-Based Dynamic Keying and En-Route Filtering (TICK) for Wireless Sensor Networks Conference Paper
In the proceedings of IEEE Global Telecommunications Conference (GLOBECOM), 2010.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{UluagacTICKIEEE2010,
title = {Time-Based Dynamic Keying and En-Route Filtering (TICK) for Wireless Sensor Networks},
author = {Selcuk Uluagac, Raheem A. Beyah and John A. Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/5683787/},
year = {2010},
date = {2010-01-01},
urldate = {2010-01-01},
booktitle = {In the proceedings of IEEE Global Telecommunications Conference (GLOBECOM)},
abstract = {Given that transmission cost is significant in a Wireless Sensor Network (WSN), sending explicit keying control messages significantly increases the amount of energy consumed by each sensing device. Thus, in this paper, we address the issue of security for WSNs from a completely novel perspective. We present a technique to secure the network, without the transmission of explicit keying messages needed to avoid stale keys. Our protocol, the TIme-Based DynamiC Keying and En-Route Filtering (TICK) protocol for WSNs secures events as they occur. As opposed to current chatty schemes that incur regular keying message overhead, nodes use their local time values as a one-time dynamic key to encrypt each message. Further, this mechanism prevents malicious nodes from injecting false packets into the network. TICK is as a worst case twice more energy efficient than existing related work. Both an analytical framework and simulation results are presented to verify the feasibility of TICK as well as the energy consumption of the scheme under normal operation and attack from malicious nodes.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Given that transmission cost is significant in a Wireless Sensor Network (WSN), sending explicit keying control messages significantly increases the amount of energy consumed by each sensing device. Thus, in this paper, we address the issue of security for WSNs from a completely novel perspective. We present a technique to secure the network, without the transmission of explicit keying messages needed to avoid stale keys. Our protocol, the TIme-Based DynamiC Keying and En-Route Filtering (TICK) protocol for WSNs secures events as they occur. As opposed to current chatty schemes that incur regular keying message overhead, nodes use their local time values as a one-time dynamic key to encrypt each message. Further, this mechanism prevents malicious nodes from injecting false packets into the network. TICK is as a worst case twice more energy efficient than existing related work. Both an analytical framework and simulation results are presented to verify the feasibility of TICK as well as the energy consumption of the scheme under normal operation and attack from malicious nodes.
55.
Selcuk Uluagac, Raheem A Beyah,, John A. Copeland
Analysis of Varying AS Path Lengths from the Edge of the Network Conference Paper
In the proceedings of IEEE Global Telecommunications Conference (GLOBECOM), 2010.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{UluagacIEEE2010,
title = {Analysis of Varying AS Path Lengths from the Edge of the Network},
author = {Selcuk Uluagac, Raheem A Beyah, and John A. Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/5683787/},
year = {2010},
date = {2010-01-01},
urldate = {2010-01-01},
booktitle = {In the proceedings of IEEE Global Telecommunications Conference (GLOBECOM)},
abstract = {Understanding and analyzing the past and current behavior of the Internet will be instrumental in building tomorrow's more efficient and scalable networks (e.g., the future Internet). In this paper, we study the impact of Autonomous Systems (ASs) paths' end-to-end latency. Unfortunately, due to the diverse set of non-disclosed routing policies among ASs, packets belonging to a certain end-to- end connection may traverse different ASs, causing fluctuating AS paths. Fluctuation of AS paths has been studied in the literature directly from the core of the network. In this paper, we take a different approach to the analysis of the fluctuation, solely from the edge of the network. Specifically, from the end user's perspective, some AS paths may be optimal (or better) and some sub-optimal. Furthermore, there is not a unique definition for sub- optimality as it may be reflected with various measures (e.g., latency) depending on the application requirements and expectations. In this paper we analyze fluctuating AS path lengths (ASPLs) and investigate their impact on the end-to-end latency over the Internet at a greater scale than previous studies. This study was conducted using Scriptroute to probe various PlanetLab nodes. Our results show that all of the source nodes experienced some AS path differences and the ASPL values that the sources use greatly vary. At worst, some nodes experienced different paths over 70% of the time during our measurements. We observed that the largest difference in ASPLs on a particular connection was as high as 6 with an average of 2.5. Moreover, we present real cases where ASPL and latency values are related, inversely related, and not related at all. Finally, we provide a simple definition for suboptimality and analyze the collected data against this definition. We show that overall 82% of the fluctuating paths and 9% of all the traces between source-destination pairs faced sub-optimal AS paths.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Understanding and analyzing the past and current behavior of the Internet will be instrumental in building tomorrow's more efficient and scalable networks (e.g., the future Internet). In this paper, we study the impact of Autonomous Systems (ASs) paths' end-to-end latency. Unfortunately, due to the diverse set of non-disclosed routing policies among ASs, packets belonging to a certain end-to- end connection may traverse different ASs, causing fluctuating AS paths. Fluctuation of AS paths has been studied in the literature directly from the core of the network. In this paper, we take a different approach to the analysis of the fluctuation, solely from the edge of the network. Specifically, from the end user's perspective, some AS paths may be optimal (or better) and some sub-optimal. Furthermore, there is not a unique definition for sub- optimality as it may be reflected with various measures (e.g., latency) depending on the application requirements and expectations. In this paper we analyze fluctuating AS path lengths (ASPLs) and investigate their impact on the end-to-end latency over the Internet at a greater scale than previous studies. This study was conducted using Scriptroute to probe various PlanetLab nodes. Our results show that all of the source nodes experienced some AS path differences and the ASPL values that the sources use greatly vary. At worst, some nodes experienced different paths over 70% of the time during our measurements. We observed that the largest difference in ASPLs on a particular connection was as high as 6 with an average of 2.5. Moreover, we present real cases where ASPL and latency values are related, inversely related, and not related at all. Finally, we provide a simple definition for suboptimality and analyze the collected data against this definition. We show that overall 82% of the fluctuating paths and 9% of all the traces between source-destination pairs faced sub-optimal AS paths.
56.
A. Selcuk Uluagac, Christopher P. Lee, Raheem A. Beyah, John A. Copeland
Designing Secure Protocols for Wireless Sensor Networks Book
Springer Berlin Heidelberg, Berlin, Heidelberg, 2008.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security
@book{UluagacSpringer2008,
title = {Designing Secure Protocols for Wireless Sensor Networks},
author = {A. Selcuk Uluagac and Christopher P. Lee and Raheem A. Beyah and John A. Copeland},
editor = {Yingshu Li and Dung T. Huynh and Sajal K. Das and Ding-Zhu Du},
url = {https://link.springer.com/chapter/10.1007/978-3-540-88582-5_47},
year = {2008},
date = {2008-01-01},
urldate = {2008-01-01},
booktitle = {Wireless Algorithms, Systems, and Applications},
publisher = {Springer Berlin Heidelberg},
address = {Berlin, Heidelberg},
abstract = {Over the years, a myriad of protocols have been proposed for resource-limited Wireless Sensor Networks (WSNs). Similarly, security research for WSNs has also evolved over the years. Although fundamental notions of WSN research are well established, optimization of the limited resources has motivated new research directions in the field. In this paper, we seek to present general principles to aid in the design of secure WSN protocols. Therefore, building upon both the established and the new concepts, envisioned applications, and the experience garnered from the WSNs research, we first review the desired security services (i.e., confidentiality, authentication, integrity, access control, availability, and nonrepudiation) from WSNs perspective. Then, we question which services would be necessary for resource-constrained WSNs and when it would be most reasonable to implement them for a WSN application.},
keywords = {IoT Security, Network Security},
pubstate = {published},
tppubtype = {book}
}
Over the years, a myriad of protocols have been proposed for resource-limited Wireless Sensor Networks (WSNs). Similarly, security research for WSNs has also evolved over the years. Although fundamental notions of WSN research are well established, optimization of the limited resources has motivated new research directions in the field. In this paper, we seek to present general principles to aid in the design of secure WSN protocols. Therefore, building upon both the established and the new concepts, envisioned applications, and the experience garnered from the WSNs research, we first review the desired security services (i.e., confidentiality, authentication, integrity, access control, availability, and nonrepudiation) from WSNs perspective. Then, we question which services would be necessary for resource-constrained WSNs and when it would be most reasonable to implement them for a WSN application.
Citations: 8413
h-index: 44
i10-index: 107
