Do you want to publish a course? Click here

A Step Towards Checking Security in IoT

108   0   0.0 ( 0 )
 Added by EPTCS
 Publication date 2016
and research's language is English




Ask ChatGPT about the research

The Internet of Things (IoT) is smartifying our everyday life. Our starting point is IoT-LySa, a calculus for describing IoT systems, and its static analysis, which will be presented at Coordination 2016. We extend the mentioned proposal in order to begin an investigation about security issues, in particular for the static verification of secrecy and some other security properties.



rate research

Read More

Concurrent and parallel programming is difficult due to the presence of memory side-effects, which may introduce data races. Type qualifiers, such as reference capabilities, can remove data races by restricting sharing of mutable data. Unfortunately, reference capability languages are an all-in or nothing game, i.e., all the types must be annotated with reference capabilities. In this work in progress, we propose to mix the ideas from the reference capability literature with gradual typing, leading to gradual reference capabilities.
Six years after the adoption of the standard 4.0, the Bluetooth Special Interest Group (SIG), a non-profit association that deals with the study and the development of technology standards including those of Bluetooth, has officially released the main features of Bluetooth 5.0. It is one of the significant developments in short-range wireless communication technology. As stated by the SIG, the new standard will forever change the way people approach the Internet of Things (IoT), turning it into something that takes place around them in an almost natural and transparent way. In this article, the future IoT scenarios and use cases that justify the push for Bluetooth 5 are introduced. A set of new technical features that are included in Bluetooth 5 are presented, and their advantages and drawbacks are described.
This paper presents LWeb, a framework for enforcing label-based, information flow policies in database-using web applications. In a nutshell, LWeb marries the LIO Haskell IFC enforcement library with the Yesod web programming framework. The implementation has two parts. First, we extract the core of LIO into a monad transformer (LMonad) and then apply it to Yesods core monad. Second, we extend Yesods table definition DSL and query functionality to permit defining and enforcing label-based policies on tables and enforcing them during query processing. LWebs policy language is expressive, permitting dynamic per-table and per-row policies. We formalize the essence of LWeb in the $lambda_{LWeb}$ calculus and mechanize the proof of noninterference in Liquid Haskell. This mechanization constitutes the first metatheoretic proof carried out in Liquid Haskell. We also used LWeb to build a substantial web site hosting the Build it, Break it, Fix it security-oriented programming contest. The site involves 40 data tables and sophisticated policies. Compared to manually checking security policies, LWeb imposes a modest runtime overhead of between 2% to 21%. It reduces the trusted code base from the whole application to just 1% of the application code, and 21% of the code overall (when counting LWeb too).
The Internet of Things (IoT) has been on the rise in the last decade as it finds applications in various domains. Hospitality is one of the pioneer sectors that has adopted this technology to create novel services such as smart hotel rooms, personalized services etc. Hotels, restaurants, theme parks, and cruise ships are some specific application areas to improve customer satisfaction by creating an intense interactive environment and data collection with the use of appropriate sensors and actuators. However, applying IoT solutions in the hospitality environment has some unique challenges such as easy physical access to devices. In addition, due to the very nature of these domains, the customers are at the epicenter of these IoT technologies that result in a massive amount of data collection from them. Such data and its management along with business purposes also raises new concerns regarding privacy and ethical considerations. Therefore, this paper surveys and analyzes security, privacy and ethical issues regarding the utilization of IoT devices by focusing on the hospitality industry specifically. We explore some exemplary uses, cases, potential problems and solutions in order to contribute to better understanding and guiding the business operators in this sector.
Machine learning finds rich applications in Internet of Things (IoT) networks such as information retrieval, traffic management, spectrum sensing, and signal authentication. While there is a surge of interest to understand the security issues of machine learning, their implications have not been understood yet for wireless applications such as those in IoT systems that are susceptible to various attacks due the open and broadcast nature of wireless communications. To support IoT systems with heterogeneous devices of different priorities, we present new techniques built upon adversarial machine learning and apply them to three types of over-the-air (OTA) wireless attacks, namely jamming, spectrum poisoning, and priority violation attacks. By observing the spectrum, the adversary starts with an exploratory attack to infer the channel access algorithm of an IoT transmitter by building a deep neural network classifier that predicts the transmission outcomes. Based on these prediction results, the wireless attack continues to either jam data transmissions or manipulate sensing results over the air (by transmitting during the sensing phase) to fool the transmitter into making wrong transmit decisions in the test phase (corresponding to an evasion attack). When the IoT transmitter collects sensing results as training data to retrain its channel access algorithm, the adversary launches a causative attack to manipulate the input data to the transmitter over the air. We show that these attacks with different levels of energy consumption and stealthiness lead to significant loss in throughput and success ratio in wireless communications for IoT systems. Then we introduce a defense mechanism that systematically increases the uncertainty of the adversary at the inference stage and improves the performance. Results provide new insights on how to attack and defend IoT networks using deep learning.
comments
Fetching comments Fetching comments
Sign in to be able to follow your search criteria
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا