Visible to the public Context-Aware IoT Device Functionality Extraction from Specifications for Ensuring Consumer Security

Submitted by grigby1 on Thu, 02/24/2022 - 12:21pm
TitleContext-Aware IoT Device Functionality Extraction from Specifications for Ensuring Consumer Security
Publication TypeConference Paper
Year of Publication2021
AuthorsPaudel, Upakar, Dolan, Andy, Majumdar, Suryadipta, Ray, Indrakshi
Conference Name2021 IEEE Conference on Communications and Network Security (CNS)
Date Publishedoct
KeywordsDevice Functionality, Human Behavior, IoT, Metals, natural language processing, Network security, NIST, NLP, Organizations, Privacy Policies, pubcrawl, Scalability, smart home, Smart homes, telecommunication traffic
AbstractInternet of Thing (IoT) devices are being widely used in smart homes and organizations. An IoT device has some intended purposes, but may also have hidden functionalities. Typically, the device is installed in a home or an organization and the network traffic associated with the device is captured and analyzed to infer high-level functionality to the extent possible. However, such analysis is dynamic in nature, and requires the installation of the device and access to network data which is often hard to get for privacy and confidentiality reasons. We propose an alternative static approach which can infer the functionality of a device from vendor materials using Natural Language Processing (NLP) techniques. Information about IoT device functionality can be used in various applications, one of which is ensuring security in a smart home. We demonstrate how security policies associated with device functionality in a smart home can be formally represented using the NIST Next Generation Access Control (NGAC) model and automatically analyzed using Alloy, which is a formal verification tool. This will provide assurance to the consumer that these devices will be compliant to the home or organizational policy even before they have been purchased.
DOI10.1109/CNS53000.2021.9705050
Citation Keypaudel_context-aware_2021
Groups: