Computers are increasingly pervasive and diverse, embedded in devices ranging from smart phones and wearable computers to home automation devices and automotive systems. This explosive growth has far outpaced the speed with which device behaviors can be analyzed and understood, creating unprecedented opportunities for "Internet of Things" devices to engage in nefarious activities such as violating users' privacy or spreading malware. This project is designing and implementing new frameworks that track the provenance (i.e., history) of data processing and communications in systems of smart devices. To facilitate the identification of malicious behaviors, the project is developing non-invasive techniques for extracting device provenance, and presenting a public accountability infrastructure through which the history of interactions between smart devices can be analyzed. In light of the great diversity of computing platforms in this environment, the efficient extraction of fine-grained data provenance is difficult. To overcome these challenges, the researchers are designing and implementing minimally-invasive mechanisms and associated algorithms for the observation of smart device activity at multiple system layers. The expected results include the development of a retrofit mechanism that leverages program instrumentation to enable complete provenance mediation for commodity-off-the-shelf smart devices, and a network mediation point that monitors inter-device communication in order to extract network provenance from systems of devices. Finally, the project is developing algorithms and protocols to securely extract and aggregate device provenance to a centralized repository, enabling provenance-based crowd-sourced monitoring of the Internet of Things. This work will not only establish foundations for trust in the functionality of smart devices, but also enable further research in provenance-based analytics.
CRII: SaTC: Transparent Capture and Aggregation of Secure Data Provenance for Smart Devices