Being one of the most rapidly growing technologies today with its predicted count of 22 billion in 2025, IoT devices and the systems containing these devices are getting increasingly more diverse and complicated. Keeping these IoT systems secure is an important yet challengin problem due to the hidden interactions between devices that can potentially result in security rule conflicts and violations of user intentions. To detect these conflicts and violations due to hidden interactions, we first introduce a novel approach to characterizing time-based interaction rules using Parameterized Signal Temporal Logic (PSTL). Then, we then propose STLTree, an adaptation and expansion of a decision tree learning algorithm for PSTL, to learn these interaction rules from a device operational log. Next, we define a notion of security in an IoT environment as an environment free of conflicts between interactions and user-desired security rules. Building on this work, we then propose two complementary approaches to detecting rule conflicts: (1) STLMon, which dynamically monitors IoT device behavior for rule violations, and (2) STLCheck, statically checks for the conflicting behaviors between and within device state changes and the user-defined rules. Finally, we show that STLTree is able to automatically generate rules that capture relevant interactions in our testing environment. Also, we demonstrate the efficiency of STLMon in detecting rule violations at runtime, and the utility of STLCheck in static generation of possible rule violations.

52 pages Thesis Committee:
Eunsuk Kang (Advisor)
Yuvraj Agarwal

Srinivasan Seshan, Head, Computer Science Department
Martial Hebert, Dean, School of Computer Science

Return to: SCS Technical Report Collection
School of Computer Science

This page maintained by reports@cs.cmu.edu