Proactive extraction of IoT device capabilities for security applications
| dc.contributor.author | Dolan, Andrew, author | |
| dc.contributor.author | Ray, Indrakshi, advisor | |
| dc.contributor.author | Majumdar, Suryadipta, advisor | |
| dc.contributor.author | Simske, Steven, committee member | |
| dc.contributor.author | Ghosh, Sudipto, committee member | |
| dc.date.accessioned | 2020-06-22T11:53:05Z | |
| dc.date.available | 2020-06-22T11:53:05Z | |
| dc.date.issued | 2020 | |
| dc.description.abstract | Internet of Things (IoT) device adoption is on the rise. Such devices are mostly self-operated and require minimum user interventions. This is achieved by abstracting away their design complexities and functionalities from users. However, this abstraction significantly limits a user's insights on evaluating the true capabilities (i.e., what actions a device can perform) of a device and hence, its potential security and privacy threats. Most existing works evaluate the security of those devices by analyzing the environment data (e.g., network traffic, sensor data, etc.). However, such approaches entail collecting data from encrypted traffic, relying on the quality of the collected data for their accuracy, and facing difficulties in preserving both utility and privacy of the data. We overcome the above-mentioned challenges and propose a proactive approach to extract IoT device capabilities from their informational specifications to verify their potential threats, even before a device is installed. More specifically, we first introduce a model for device capabilities in the context of IoT. Second, we devise a technique to parse the vendor-provided materials of IoT devices and enumerate device capabilities from them. Finally, we apply the obtained capability model and extraction technique in a proactive access control model to demonstrate the applicability of our proposed solution. We evaluate our capability extraction approach in terms of its efficiency and enumeration accuracy on devices from three different vendors. | |
| dc.format.medium | born digital | |
| dc.format.medium | masters theses | |
| dc.identifier | Dolan_colostate_0053N_16064.pdf | |
| dc.identifier.uri | https://hdl.handle.net/10217/208513 | |
| dc.language | English | |
| dc.language.iso | eng | |
| dc.publisher | Colorado State University. Libraries | |
| dc.relation.ispartof | 2020- | |
| dc.rights | Copyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright. | |
| dc.subject | IoT | |
| dc.subject | security | |
| dc.subject | functionality | |
| dc.subject | smart home | |
| dc.subject | proactive | |
| dc.title | Proactive extraction of IoT device capabilities for security applications | |
| dc.type | Text | |
| dcterms.rights.dpla | This Item is protected by copyright and/or related rights (https://rightsstatements.org/vocab/InC/1.0/). You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). | |
| thesis.degree.discipline | Computer Science | |
| thesis.degree.grantor | Colorado State University | |
| thesis.degree.level | Masters | |
| thesis.degree.name | Master of Science (M.S.) |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Dolan_colostate_0053N_16064.pdf
- Size:
- 1.19 MB
- Format:
- Adobe Portable Document Format