Visible to the public Cloud-Assisted IoT Systems Privacy--2018Q2Conflict Detection Enabled

Submitted by RCJBob on Fri, 07/06/2018 - 4:44pm

PI(s), Co-PI(s), Researchers: Bo Luo, Fengjun Li

HARD PROBLEM(S) ADDRESSED
The goal of this project is to develop principles and methods to model privacy needs, threats, and protection mechanisms in cloud-assisted IoT systems. The work aims to address the hard problems of resilient architectures, security metrics as well as scalability and composability.

PUBLICATIONS

  1. Lei Yang and Fengjun Li. Cloud-Assisted Privacy-Preserving Classification for IoT Applications. In IEEE Conference on Communications and Network Security (CNS), 2018.
  2. Lei Yang, Chris Seasholtz, Fengjun Li and Bo Luo. Hide Your Hackable Smart Home From Remote Attacks: An Extra Network-Level Safeguard. In European Symposium on Research in Computer Security (ESORICS), 2018.

KEY HIGHLIGHTS
In this quarterly report, we present two highlights:

  • Developed a privacy-preserving classification protocol for IoT applications to perform machine learning tasks over the encrypted IoT data

Machine learning plays an important role in making sense of the tremendous data generated by the Internet of Things (IoT) devices. An emerging machine intelligence platform, known as Machine Learning as a Service (MLaaS), facilitates users to analyze IoT data faster and deliver more accurate insights at smaller costs. However, it has also raised several concerns regarding the security and privacy of IoT data as well as the proprietary machine learning models. To address this problem, we developed a method to enable cloud-assisted, privacy-preserving machine learning classification over encrypted data for IoT devices, which allows a cloud server to interact with machine learning service providers on behalf of the resource-constrained IoT devices in a privacy-preserving manner and shift the load of computation-intensive classification operations off the devices.

  • Developed an Onion-based gateway for secure communication between clients and IoT devices with potential vulnerabilities

Recent security incidents exploited vulnerabilities embedded in IoT devices due to poor or lack of security design and problematic implementation. However, with a large number of heterogeneous IoT devices online, it is difficult to develop a universal security solution that can address the vulnerability of each individual device. To tackle this problem, we investigated the attack surface through which IoT devices are exposed and developed an isolation-based approach to separate the private network in which the IoT devices are deployed from the public network via a newly designed IoT gateway.

COMMUNITY ENGAGEMENTS

  • Invited talk on Exploring IoT-Cloud Systems to Secure IoT Applications, the CPS Security and Education Workshop, UNC Charlotte, July 26, 2018.
  • Invited talk on Supporting Data Privacy in Cloud-Assisted IoT Applications, School of Information Science and Technology, University of Science and Technology of China, June 19, 2018.

EDUCATIONAL ADVANCES

N/A

Groups: