An official website of the United States government
As the Internet of Things (IoT) continues to proliferate, diagnosing incorrect behavior within increasingly-automated homes becomes considerably more difficult. Devices and apps may be chained together in long sequences of trigger-action rules to the point that from an observable symptom (e.g., an unlocked door) it may be impossible to identify the distantly removed root cause (e.g., a malicious app). This is because, at present, IoT audit logs are siloed on individual devices, and hence cannot be used to reconstruct the causal relationships of complex workflows. In this work, we present ProvThings, a platform-centric approach to centralized auditing in the Internet of Things. ProvThings performs efficient automated instrumentation of IoT apps and device APIs in order to generate data provenance that provides a holistic explanation of system activities, including malicious behaviors. We prototype ProvThings for the Samsung SmartThings platform, and benchmark the efficacy of our approach against a corpus of 26 IoT attacks. Through the introduction of a selective code instrumentation optimization, we demonstrate in evaluation that ProvThings imposes just 5% overhead on physical IoT devices while enabling real time querying of system behaviors, and further consider how ProvThings can be leveraged to meet the needs of a variety of stakeholders in the IoT ecosystem.
more »
« less
AnyLog: a Grand Unification of the Internet of Things
AnyLog is a decentralized platform for data publishing, sharing, and querying IoT (Internet of Things) data that enables an unlimited number of independent participants to publish and access the contents of IoT datasets stored across the participants. AnyLog provides decentralized publishing and querying functionality over structured data in an analogous fashion to how the world wide web (WWW) enables decentralized publishing and accessing of unstructured data. However, AnyLog differs from the traditional WWW in the way that it provides incentives and financial reward for performing tasks that are critical to the well-being of the system as a whole, including contribution, integration, storing, and processing of data, as well as protecting the confidentiality, integrity, and availability of that data. Another difference is how Anylog enforces good behavior by the participants through a collection of methods, including blockchain, secure enclaves, and state channels.
more »
« less
- Award ID(s):
- 1910613
- PAR ID:
- 10171984
- Date Published:
- Journal Name:
- 10th Annual Conference on Innovative Data Systems Research (CIDR ‘20)
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
While our society accelerates its transition to the Internet of Things, billions of IoT devices are now linked to the network. While these gadgets provide enormous convenience, they generate a large amount of data that has already beyond the network’s capacity. To make matters worse, the data acquired by sensors on such IoT devices also include sensitive user data that must be appropriately treated. At the moment, the answer is to provide hub services for data storage in data centers. However, when data is housed in a centralized data center, data owners lose control of the data, since data centers are centralized solutions that rely on data owners’ faith in the service provider. In addition, edge computing enables edge devices to collect, analyze, and act closer to the data source, the challenge of data privacy near the edge is also a tough nut to crack. A large number of user information leakage both for IoT hub and edge made the system untrusted all along. Accordingly, building a decentralized IoT system near the edge and bringing real trust to the edge is indispensable and significant. To eliminate the need for a centralized data hub, we present a prototype of a unique, secure, and decentralized IoT framework called Reja, which is built on a permissioned Blockchain and an intrusion-tolerant messaging system ChiosEdge, and the critical components of ChiosEdge are reliable broadcast and BFT consensus. We evaluated the latency and throughput of Reja and its sub-module ChiosEdge.more » « less
-
Power grids are evolving at an unprecedented pace due to the rapid growth of distributed energy resources (DER) in communities. These resources are very different from traditional power sources as they are located closer to loads and thus can significantly reduce transmission losses and carbon emissions. However, their intermittent and variable nature often results in spikes in the overall demand on distribution system operators (DSO). To manage these challenges, there has been a surge of interest in building decentralized control schemes, where a pool of DERs combined with energy storage devices can exchange energy locally to smooth fluctuations in net demand. Building a decentralized market for transactive microgrids is challenging because even though a decentralized system provides resilience, it also must satisfy requirements like privacy, efficiency, safety, and security, which are often in conflict with each other. As such, existing implementations of decentralized markets often focus on resilience and safety but compromise on privacy. In this paper, we describe our platform, called TRANSAX, which enables participants to trade in an energy futures market, which improves efficiency by finding feasible matches for energy trades, enabling DSOs to plan their energy needs better. TRANSAX provides privacy to participants by anonymizing their trading activity using a distributed mixing service, while also enforcing constraints that limit trading activity based on safety requirements, such as keeping planned energy flow below line capacity. We show that TRANSAX can satisfy the seemingly conflicting requirements of efficiency, safety, and privacy. We also provide an analysis of how much trading efficiency is lost. Trading efficiency is improved through the problem formulation which accounts for temporal flexibility, and system efficiency is improved using a hybrid-solver architecture. Finally, we describe a testbed to run experiments and demonstrate its performance using simulation results.more » « less
-
An emerging technology for building capacity to make decisions in the ocean space is the development of Digital Twins of the Ocean (DTOs). A DTO is a virtual replication of the ocean environment, including its properties, behaviors, and processes (https://www.mercator-ocean.eu/en/digital-twin-ocean/). These digital replicas are created using a combination of real-time data collected from satellites and thousands of sensors deployed around the world, as well as outputs of advanced models and computer simulations.more » « less
-
Edge computing is an emerging computing paradigm representing decentralized and distributed information technology architecture [1] . The demand for edge computing is primarily driven by the increased number of smart devices and the Internet of Things (IoT) that generate and transmit a substantial amount of data, that would otherwise be stored on cloud computing services. The edge architecture enables data and computation to be performed in close proximity to users and data sources and acts as the pathway toward upstream data centers [2] . Rather than sending data to the cloud for processing, the analysis and work is done closer to where the source of the data is generated ( Figure 1 ). Edge services leverage local infrastructure resources allowing for reduced network latency, improved bandwidth utilization, and better energy efficiency compared to cloud computing.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- The DOI is not currently available.
