An analysis of Internet of Things (IOT) ecosystem from the perspective of device functionality, application security and application accessibility
dc.contributor.author | Paudel, Upakar, author | |
dc.contributor.author | Ray, Indrakshi, advisor | |
dc.contributor.author | Malaiya, Yashwant, committee member | |
dc.contributor.author | Simske, Steve, committee member | |
dc.date.accessioned | 2022-05-30T10:21:01Z | |
dc.date.available | 2022-05-30T10:21:01Z | |
dc.date.issued | 2022 | |
dc.description.abstract | Internet of Thing (IoT) devices are being widely used in smart homes and organizations. IoT devices can have security vulnerabilities in different fronts: Device front with embedded functionalities and Application front. This work aims to analyze IoT devices security health from device functionality perspective and application security and accessibility perspective to understand holistic picture of entire IoT ecosystem's security health. An IoT device has some intended purposes, but may also have hidden functionalities. Typically, the device is installed in a home or an organization and the network traffic associated with the device is captured and analyzed to infer high-level functionality to the extent possible. However, such analysis is dynamic in nature, and requires the installation of the device and access to network data which is often hard to get for privacy and confidentiality reasons. In this work, we propose an alternative static approach which can infer the functionality of a device from vendor materials using Natural Language Processing (NLP) techniques. Information about IoT device functionality can be used in various applications, one of which is ensuring security in a smart home. We can also use the device functionalities in various security applications especially access control policies. Based on the functionality of a device we can provide assurance to the consumer that these devices will be compliant to the home or organizational policy even before they have been purchased. Most IoT devices interface with the user through mobile companion apps. Such apps are used to configure, update, and control the device(s) constituting a critical component in the IoT ecosystem, but they have historically been under-studied. In this thesis, we also perform security and accessibility analysis of IoT application on 265 apps to understand security and accessibility vulnerabilities present in the apps and identify some mitigating strategies. | |
dc.format.medium | born digital | |
dc.format.medium | masters theses | |
dc.identifier | jPaudel_colostate_0053N_16965.pdf | |
dc.identifier.uri | https://hdl.handle.net/10217/235149 | |
dc.language | English | |
dc.language.iso | eng | |
dc.publisher | Colorado State University. Libraries | |
dc.relation.ispartof | 2020- | |
dc.rights | Copyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright. | |
dc.title | An analysis of Internet of Things (IOT) ecosystem from the perspective of device functionality, application security and application accessibility | |
dc.type | Text | |
dcterms.rights.dpla | This Item is protected by copyright and/or related rights (https://rightsstatements.org/vocab/InC/1.0/). You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). | |
thesis.degree.discipline | Computer Science | |
thesis.degree.grantor | Colorado State University | |
thesis.degree.level | Masters | |
thesis.degree.name | Master of Science (M.S.) |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- jPaudel_colostate_0053N_16965.pdf
- Size:
- 970.62 KB
- Format:
- Adobe Portable Document Format