CRII: SaTC: Transparent Capture and Aggregation of Secure Data Provenance for Smart Devices

CRII：SaTC：智能设备安全数据来源的透明捕获和聚合

• 批准号: 1657534
• 负责人: Adam Bates
• 金额: $ 17.47万
• 依托单位: University of Illinois at Urbana-Champaign
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-03-01 至 2020-02-29
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1657534&HistoricalAwards=false
• 关键词: CRII; SaTC; Transparent; Capture; Aggregation

Computers are increasingly pervasive and diverse, embedded in devices ranging from smart phones and wearable computers to home automation devices and automotive systems. This explosive growth has far outpaced the speed with which device behaviors can be analyzed and understood, creating unprecedented opportunities for "Internet of Things" devices to engage in nefarious activities such as violating users' privacy or spreading malware. This project is designing and implementing new frameworks that track the provenance (i.e., history) of data processing and communications in systems of smart devices. To facilitate the identification of malicious behaviors, the project is developing non-invasive techniques for extracting device provenance, and presenting a public accountability infrastructure through which the history of interactions between smart devices can be analyzed.In light of the great diversity of computing platforms in this environment, the efficient extraction of fine-grained data provenance is difficult. To overcome these challenges, the researchers are designing and implementing minimally-invasive mechanisms and associated algorithms for the observation of smart device activity at multiple system layers. The expected results include the development of a retrofit mechanism that leverages program instrumentation to enable complete provenance mediation for commodity-off-the-shelf smart devices, and a network mediation point that monitors inter-device communication in order to extract network provenance from systems of devices. Finally, the project is developing algorithms and protocols to securely extract and aggregate device provenance to a centralized repository, enabling provenance-based crowd-sourced monitoring of the Internet of Things. This work will not only establish foundations for trust in the functionality of smart devices, but also enable further research in provenance-based analytics.

计算机越来越普遍和多样化，嵌入到从智能手机和可穿戴计算机到家庭自动化设备和汽车系统的各种设备中。这种爆发式的增长速度远远超过了分析和理解设备行为的速度，为物联网设备从事侵犯用户隐私或传播恶意软件等邪恶活动创造了前所未有的机会。该项目正在设计和实施新的框架，以跟踪智能设备系统中数据处理和通信的来源(即历史)。为了便于识别恶意行为，该项目正在开发非侵入性的设备来源提取技术，并提供一个公共问责基础设施，通过该基础设施可以分析智能设备之间的交互历史。鉴于这种环境中计算平台的巨大多样性，高效提取细粒度数据来源是困难的。为了克服这些挑战，研究人员正在设计和实施微创机制和相关算法，以在多个系统层观察智能设备的活动。预期的结果包括开发一种利用程序工具来实现对商品现成智能设备的完整来源调解的改造机制，以及一个监控设备间通信以便从设备系统中提取网络来源的网络中介点。最后，该项目正在开发算法和协议，以安全地提取设备来源并将其聚合到中央存储库，从而实现基于来源的众包监控物联网。这项工作不仅将为人们对智能设备功能的信任奠定基础，还将使基于来源的分析得到进一步研究。

项目成果

Emerging Threats in Internet of Things Voice Services

• DOI: 10.1109/msec.2019.2910013
• 发表时间: 2019-07-01
• 期刊: IEEE SECURITY & PRIVACY
• 影响因子: 1.9
• 作者: Kumar, Deepak;Paccagnella, Riccardo;Bailey, Michael
• 通讯作者: Bailey, Michael

UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats

• DOI: 10.14722/ndss.2020.24046
• 发表时间: 2020-01
• 期刊: ArXiv
• 作者: Xueyuan Han;Thomas Pasquier;Adam Bates;James W. Mickens;M. Seltzer

AliDrone: Enabling Trustworthy Proof-of-Alibi for Commercial Drone Compliance

• DOI: 10.1109/icdcs.2018.00086
• 发表时间: 2018-07
• 期刊: 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS)
• 作者: Tianyuan Liu;Avesta Hojjati;Adam Bates;K. Nahrstedt

Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?

• 发表时间: 2018
• 作者: Wajih Ul Hassan;Saad Hussain;Adam Bates

Towards an accountable software-defined networking architecture

迈向负责任的软件定义网络架构

• DOI: 10.1109/netsoft.2017.8004206
• 发表时间: 2017
• 期刊: 2017 IEEE Conference on Network Softwarization (NetSoft
• 作者: Ujcich, Benjamin E.;Miller, Andrew;Bates, Adam;Sanders, William H.
• 通讯作者: Sanders, William H.