Computer Science Thesis Proposal

8102 - Gates Hillman Centers

TIANLONG YU , Ph.D. Student

Securing Internet-of-Things via Fine-grained Network Detection and Prevention

The Internet-of-Things (IoT) has quickly moved from the realm of hype to reality. Traditional host-centric security solutions (e.g., antivirus, software patches) are fundamentally at odds with the realities of IoT (e.g., poor vendor security practices and constrained hardware). We argue that the network will have to play a critical role in securing IoT deployments. However, the scale, diversity, cyber-physical coupling, and cross-device use cases inherent to IoT require us to rethink network security along three key dimensions. Current enforcement architecture cannot enforce context-based and agile security postures needed to protect IoT devices. Current detection mechanisms cannot profile the network-side IoT behaviors. Also, there is no mechanism to learn the complex environment-device or cross-device interactions.

We propose to build a behavioral model inference mechanism and a learning mechanism to generate the security postures for regulating single device behaviors as well as environment-device or cross-device interactions. We also propose to build a novel enforcement architecture to enforce such security postures in a context-based and agile manner.

However, such a task is challenging. It is hard to design an expressive policy abstraction to express context-based and agile policies. It is hard to design a scalable and responsive controller to orchestrate the enforcement architecture. It is hard to model the network behaviors of IoT devices due to the lack of network behavior models for IoT devices and the data pollution issue. It is hard to define and learn a model to capture the environment-device interactions and the cross-device interactions because of the data sparsity issue and the privacy issue.

To provide context-based and agile enforcement, we propose a new enforcement architecture called PSI (Precise Security Instrumentation). Leveraging recent advances in SDN (Software-Defined Networking) and NFV (Network Function Virtualization), PSI protects each IoT device with dedicated software middleboxes enforcing context-based and agile policies. To model the network behaviors of an IoT device, we design a robust behavioral model inference mechanism called RADIO to build benign behavioral models from potentially polluted network traces. To learn the complex IoT interactions, we propose to build a distributed learning mechanism (IoTML) to learn the IoT interaction model across multiple smart homes.
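The following is an added toy illustration of the two ideas in the summary above, written for this page and not code from the thesis, PSI or RADIO. It infers a per-device benign flow profile from traces that contain a few polluted (attack) flows, using a simple robustness filter (keep only flows seen in at least half of the device's observation windows; the threshold, the trace records, the hostnames and the context rule table are all constructed assumptions), and then shows the allow/block decision a dedicated per-device middlebox could make from that profile plus a home-mode context.

```python
from collections import defaultdict

# Constructed traces, one record per observed flow:
# (device, window, dst_host, dst_port, proto). Windows are numbered
# observation periods (e.g., days); they drive the robustness filter.
TRACES = [
    # thermostat: steady cloud sync and NTP in every window
    *[("thermostat", w, "api.example-vendor.test", 443, "tcp") for w in range(1, 8)],
    *[("thermostat", w, "ntp.example.test", 123, "udp") for w in range(1, 8)],
    # camera: cloud upload in every window, firmware check in most windows
    *[("camera", w, "upload.example-vendor.test", 443, "tcp") for w in range(1, 8)],
    *[("camera", w, "fw.example-vendor.test", 443, "tcp") for w in (1, 3, 5, 7)],
    # pollution (constructed): in windows 6 and 7 the camera probed
    # neighbours on telnet; a naive profile would learn this as benign
    ("camera", 6, "192.0.2.10", 23, "tcp"),
    ("camera", 7, "192.0.2.11", 23, "tcp"),
]

# Constructed context rules layered on the inferred profile: a flow listed
# here is allowed only while the home is in one of the named modes.
CONTEXT_RULES = {
    ("camera", ("upload.example-vendor.test", 443, "tcp")): {"away"},
}


def infer_model(traces, min_window_fraction=0.5):
    """Return {device: {(dst_host, dst_port, proto), ...}}, keeping only flows
    seen in at least min_window_fraction of that device's observation windows.
    Flows present in only a few windows (transient pollution) are dropped."""
    windows = defaultdict(set)        # device -> windows in which it was observed
    flow_windows = defaultdict(set)   # (device, flow) -> windows the flow was seen in
    for device, window, host, port, proto in traces:
        windows[device].add(window)
        flow_windows[(device, (host, port, proto))].add(window)
    model = defaultdict(set)
    for (device, flow), seen in flow_windows.items():
        if len(seen) / len(windows[device]) >= min_window_fraction:
            model[device].add(flow)
    return dict(model)


def decide(model, device, flow, mode):
    """Decision a per-device middlebox would apply to one flow: ('allow', why)
    or ('block', why). A device with no profile is blocked by default."""
    if flow not in model.get(device, set()):
        return ("block", "flow not in benign profile")
    allowed_modes = CONTEXT_RULES.get((device, flow))
    if allowed_modes is not None and mode not in allowed_modes:
        return ("block", f"flow not permitted in mode '{mode}'")
    return ("allow", "matches profile")


def evaluate(model, flows, mode):
    """Apply decide() to a batch of (device, flow) pairs; returns a list of
    (device, flow, verdict, reason) for logging or alerting."""
    return [(d, f, *decide(model, d, f, mode)) for d, f in flows]


if __name__ == "__main__":
    profile = infer_model(TRACES)
    for device, flows in sorted(profile.items()):
        print(device, sorted(flows))
    live = [
        ("camera", ("192.0.2.10", 23, "tcp")),                  # polluted flow
        ("camera", ("upload.example-vendor.test", 443, "tcp")),  # context-gated
        ("thermostat", ("ntp.example.test", 123, "udp")),
    ]
    for row in evaluate(profile, live, mode="home"):
        print(row)
```

The window-fraction filter is a deliberately simple stand-in for the robustness RADIO needs against polluted traces: it tolerates a compromise that appears in a minority of windows, but an attack present from the first observation would still be learned, which is exactly the data-pollution problem the summary names.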

Thesis Committee:
Srinivasan Seshan (Co-Chair)
Vyas Sekar (Co-Chair)
Yuvraj Agarwal (ISR/ECE)
Virginia Smith (ECE)
Susanta Nanda (Symantec Research Labs)
