IOTA: A Framework for Analyzing System-Level Security of IoTs

Zheng Fang, Hao Fu, Tianbo Gu, Pengfei Hu, Jinyue Song, Trent Jaeger, Prasant Mohapatra

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

Most IoT systems involve IoT devices, communication protocols, remote cloud, IoT applications, mobile apps, and the physical environment. However, existing IoT security analyses only focus on a subset of all the essential components, such as device firmware or communication protocols, and ignore IoT systems' interactive nature, resulting in limited attack detection capabilities. In this work, we propose Iota, a logic programming-based framework to perform system-level security analysis for IoT systems. Iota generates attack graphs for IoT systems, showing all of the system resources that can be compromised and enumerating potential attack traces. In building Iota, we design novel techniques to scan IoT systems for individual vulnerabilities and further create generic exploit models for IoT vulnerabilities. We also identify and model physical dependencies between different devices as they are unique to IoT systems and are employed by adversaries to launch complicated attacks. In addition, we utilize NLP techniques to extract IoT app semantics based on app descriptions. Iota automatically translates vulnerabilities, exploits, and device dependencies to Prolog clauses and invokes MulVAL to construct attack graphs. To evaluate vulnerabilities' system-wide impact, we propose two metrics based on the attack graph, which provide guidance on fortifying IoT systems. Evaluation on 127 IoT CVEs (Common Vulnerabilities and Exposures) shows that IOTA's exploit modeling module achieves over 80% accuracy in predicting vulnerabilities' preconditions and effects. We apply Iota to 37 synthetic smart home IoT systems based on real-world IoT apps and devices. Experimental results show that our framework is effective and highly efficient. Among 27 shortest attack traces revealed by the attack graphs, 62.8% are not anticipated by the system administrator. It only takes 1.2 seconds to generate and analyze the attack graph for an IoT system consisting of 50 devices.

Original languageEnglish (US)
Title of host publicationProceedings - 7th ACM/IEEE Conference on Internet of Things Design and Implementation, IoTDI 2022
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages143-155
Number of pages13
ISBN (Electronic)9781665496414
DOIs
StatePublished - 2022
Event7th ACM/IEEE Conference on Internet of Things Design and Implementation, IoTDI 2022 - Virtual, Online, Italy
Duration: May 3 2022May 6 2022

Publication series

NameProceedings - 7th ACM/IEEE Conference on Internet of Things Design and Implementation, IoTDI 2022

Conference

Conference7th ACM/IEEE Conference on Internet of Things Design and Implementation, IoTDI 2022
Country/TerritoryItaly
CityVirtual, Online
Period5/3/225/6/22

All Science Journal Classification (ASJC) codes

  • Information Systems and Management
  • Electrical and Electronic Engineering
  • Computer Networks and Communications
  • Hardware and Architecture
  • Instrumentation

Fingerprint

Dive into the research topics of 'IOTA: A Framework for Analyzing System-Level Security of IoTs'. Together they form a unique fingerprint.

Cite this