EAGER: USBRCCR: Collaborative: Lightweight Policy Enforcement of Information Flows in IoT Infrastructures

EAGER：USBRCCR：协作：物联网基础设施中信息流的轻量级策略执行

• 批准号: 1740916
• 负责人: Darko Marinov
• 金额: $ 13.63万
• 依托单位: University of Illinois at Urbana-Champaign
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-09-01 至 2020-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1740916&HistoricalAwards=false
• 关键词: EAGER; USBRCCR; Collaborative; Lightweight; Policy

As Internet of Things (IoT) systems become deployed more widely, their security is becoming a serious concern in many domains, including smart homes, autonomous cars, or industrial control systems. Security exploits in IoT systems can lead to loss of privacy, data theft, financial losses, and even physical harm. The proposed work will develop a novel approach to harden security of IoT systems via cross-layer defense. The approach will be developed and evaluated in collaboration among three participating institutions in the US and Brazil. The project aims to provide technical foundations to harden the defense against several types of security attacks in IoT systems, and the project will also create broader impact through dissemination of results and education efforts.More technically, the proposed approach considers cross-layer defense at IoT app layer, network layer, and devices. The central concept is flow policies: the proposed work extracts flow policies from IoT apps, and then uses these policies to enforce desired flows and to detect violations at both the device and network layers. In contrast to general-purpose applications, the flows in IoT apps are expected to be often predictable and expressive enough to capture important properties such that detected flow violations indicate real problems and not false alarms. If policies are indeed found to be expressive enough, and checking them is lightweight in IoT systems, the approach will provide substantial benefits to improve defense of IoT systems in practice.

随着物联网 (IoT) 系统的部署越来越广泛，其安全性正成为许多领域的严重问题，包括智能家居、自动驾驶汽车或工业控制系统。 物联网系统中的安全漏洞可能会导致隐私丢失、数据被盗、财务损失，甚至人身伤害。 拟议的工作将开发一种新方法，通过跨层防御来强化物联网系统的安全性。 该方法将由美国和巴西的三个参与机构合作开发和评估。 该项目旨在为加强物联网系统中多种类型安全攻击的防御提供技术基础，该项目还将通过成果传播和教育工作产生更广泛的影响。从技术上讲，所提出的方法考虑了物联网应用层、网络层和设备的跨层防御。 核心概念是流量策略：所提出的工作从物联网应用程序中提取流量策略，然后使用这些策略来强制执行所需的流量并检测设备和网络层的违规行为。与通用应用程序相比，物联网应用程序中的流通常应具有足够的可预测性和表现力，以捕获重要属性，以便检测到的流违规表明真正的问题而不是错误警报。 如果策略确实具有足够的表达能力，并且在物联网系统中检查它们是轻量级的，那么该方法将为在实践中改善物联网系统的防御提供巨大的好处。

项目成果

A large-scale study of test coverage evolution

测试覆盖率演变的大规模研究

• DOI: 10.1145/3238147.3238183
• 发表时间: 2018
• 期刊: 33rd IEEE/ACM Conference on Automated Software Engineering
• 作者: Hilton, Michael;Bell, Jonathan;Marinov, Darko
• 通讯作者: Marinov, Darko

Techniques for Evolution-Aware Runtime Verification

• DOI: 10.1109/icst.2019.00037
• 发表时间: 2019-04
• 期刊: 2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST)
• 作者: Owolabi Legunsen;Yi Zhang;Milica Hadzi-Tanovic;Grigore Roşu;D. Marinov

Prioritizing Runtime Verification Violations

• DOI: 10.1109/icst46399.2020.00038
• 发表时间: 2020-10
• 期刊: 2020 IEEE 13th International Conference on Software Testing, Validation and Verification (ICST)
• 作者: Breno Miranda;Igor Lima;Owolabi Legunsen;Marcelo d’Amorim

How effective are existing Java API specifications for finding bugs during runtime verification?

• DOI: 10.1007/s10515-019-00267-1
• 发表时间: 2019-11
• 期刊: Automated Software Engineering
• 影响因子: 3.4
• 作者: Owolabi Legunsen;Nader Al Awar;Xinyue Xu;Wajih Ul Hassan;Grigore Roşu;D. Marinov

Systematic Generation of Non-Equivalent Expressions for Relational Algebra

关系代数非等价表达式的系统生成

• DOI: 10.1007/978-3-319-91271-4_8
• 发表时间: 2018
• 期刊: and Z
• 作者: Wang, Kaiyuan;Sullivan, Allison;Koukoutos, Manos;Marinov, Darko;Khurshid, Sarfraz
• 通讯作者: Khurshid, Sarfraz