Modern commodity computing platforms such as smartphones (e.g.,
Android and iOS) and smart home systems (e.g., SmartThings and NEST)
provide programmable interfaces for third-party integration,
enabling popular third-party functionality that is often manifested
in applications, or apps. Thus, for the last decade,
designing systems to analyze mobile apps for vulnerabilities or
unwanted behavior has been a major research focus within the
security community. Leveraging the lessons and techniques learned
from mobile app analysis, researchers have developed similar systems
to evaluate the security, safety, and privacy of smart homes by
inspecting IoT apps developed for platforms such as
SmartThings. However, emerging characteristics of smart home
ecosystems indicate the need to move away from the approach of
IoT app analysis, as IoT apps may not be representative of the
home automation in real homes and, moreover, may be unavailable for
analysis or instrumentation in the near future.

In this talk, I will describe the challenges for research against the
backdrop of the unsuitability of IoT apps for practical security
analysis, and motivate alternate research directions. First, I will
motivate the need to develop an alternative to IoT apps that is
representative of automation in the wild, in order to enable a
practical artifact for building and evaluating security systems for
smart homes. To this end, I will describe Helion, a system that
leverages the "user-driven" nature of home automation to generate
natural home automation scenarios, i.e., realistic event sequences
that are closely aligned with the real home automation usage in
end-user homes, which are then used for several critical tasks in
building and evaluating security systems. Second, I will motivate
the need to improve the state of security analysis of mobile
companion apps, which often form the weakest link in IoT ecosystems,
by systematically and rigorously evaluating the security analyses
targeted at them. To this end, I will describe how mutation testing
can be leveraged for empirically evaluating static program
analysis-based security systems. Our research in this direction has
led to two mutation frameworks, and the discovery of critical flaws
in leading tools such as FlowDroid, CryptoGuard, Argus, and Coverity
that affect the reliability and soundness of their
analysis. Finally, I will conclude the talk by describing the
lessons learned from our work, as well as by highlighting challenges
and opportunities for future research in home automation security.