TAPShield: Securing Trigger-Action Platforms against Strong Attackers

Mojtaba Moazen

Abstract

Automation apps enable seamless connection of IoT devices and services to provide useful functionality for end-users. These apps are typically executed on cloud-based Trigger-Action Platforms(TAPs) such as IFTTT and Node-RED, supporting both single- and multi-tenant architectures. These architectures raise security and privacy concerns in the face of cloud attackers and malicious app makers, resulting in massive exfiltration of sensitive user data.

To address these concerns, we design TAPShield, an architecture that uses confidential computing and language-level sandboxing to protect users’ sensitive information against untrustworthy TAPs and malicious apps. TAPShield targets JavaScript-driven TAPs built on the Node.js environment and uses trusted execution environments via Intel SGX to protect against cloud attackers. It further uses language-level sandboxes such as vm2 and SandTrap to protect against malicious apps. We implement TAPShield for two popular TAPs, Node-RED and IFTTT, and report on the security, performance, and compatibility trade-offs on a range of real-world apps.

Date
Dec 5, 2024 1:15 PM — 2:15 PM

Mojtaba Moazen is a PhD student at the Theoretical Computer Science Division of KTH Royal Institute of Technology. He is contributing to the WASP – Wallenberg AI, Autonomous Systems, and Software Program NEST CyberSecIT project, one of WASP’s flagship initiatives.

He earned his master’s degree in Computer Science from Sharif University of Technology, where he focused on using static analysis for detecting repackaged apps for Android. Currently, at KTH, his research is dedicated to Software Security including IoT applications and Software Supply Chains.

Mojtaba Moazen’s webpage