Securing IoT Platforms Through Systematic Analysis and Design

Our homes, hospitals, cities, and industries are being enhanced with devices that have computational
and networking capabilities. This emerging network of connected devices, or Internet of Things (IoT),
promises better safety, enhanced management of patients, improved energy efficiency, and optimized
manufacturing processes. Although there are many such benefits, security vulnerabilities in these
systems can lead to user dissatisfaction (e.g., from random bugs), privacy violation (e.g., from stolen
information), monetary loss (e.g., denial-of-service attacks or "ransomware'), or even loss of life
(e.g., from malicious actors manipulating critical processes in a hospital).

Security design flaws may manifest at several layers of the IoT software/hardware stack. This work
focuses on design flaws that arise in IoT platforms—software systems that manage devices, data analysis results and control logic. Specifically, we show
that empirical security-oriented analyses of personal IoT platforms lead to: (1) an understanding of design flaws that can be leveraged in long-range and device-independent attacks; (2) the development of security mechanisms that limit the potential for these attacks. Concretely, we contribute empirical analyses for two categories of personal IoT platforms—Hub-Based (Samsung SmartThings), and Cloud-First (If-This-Then-That). Our analyses reveal overprivilege as a main enabler for attacks, and we propose a set of information flow control techniques (FlowFence and Decoupled-IFTTT) to manage privilege better in these platforms, therefore reducing the potential for attacks.