Search for: All records

In this paper, we propose Aerogel, a lightweight access control framework to define fine-grained access control policies for Wasm-based, bare-metal IoT devices. Aerogel leverages the security features of Wasm runtime to protect the access and usage of peripherals. We prototype Aerogel on nRF52840 dev board, and the results show that Aerogel only introduces 0.19% to 1.04% overhead. 

There is an increasing emphasis on securing deep learning (DL) inference pipelines for mobile and IoT applications with privacy-sensitive data. Prior works have shown that privacy-sensitive data can be secured throughout deep learning inferences on cloud-offloaded models through trusted execution environments such as Intel SGX. However, prior solutions do not address the fundamental challenges of securing the resource-intensive inference tasks on low-power, low-memory devices (e.g., mobile and IoT devices), while achieving high performance. To tackle these challenges, we propose SecDeep, a low-power DL inference framework demonstrating that both security and performance of deep learning inference on edge devices are well within our reach. Leveraging TEEs with limited resources, SecDeep guarantees full confidentiality for input and intermediate data, as well as the integrity of the deep learning model and framework. By enabling and securing neural accelerators, SecDeep is the first of its kind to provide trusted and performant DL model inferencing on IoT and mobile devices. We implement and validate SecDeep by interfacing the ARM NN DL framework with ARM TrustZone. Our evaluation shows that we can securely run inference tasks with 16× to 172× faster performance than no acceleration approaches by leveraging edge-available accelerators. 

The increasing complexity and ubiquity of using IoT devices exacerbate the existing programming challenges in smart environments such as smart homes, smart buildings, and smart cities. Recent works have focused on detecting conflicts for the safety and utility of IoT applications, but they usually do not emphasize any means for conflict resolution other than just reporting the conflict to the application user and blocking the conflicting behavior. We propose RemedIoT, a remedial action 1 framework for resolving Internet-of-Things conflicts. The RemedIoT framework uses state of the art techniques to detect if a conflict exists in a given set of distributed IoT applications with respect to a set of policies, i.e., rules that define the allowable and restricted state-space transitions of devices. For each identified conflict, RemedIoT will suggest a set of remedial actions to the user by leveraging RemedIoT's programming abstractions. These programming abstractions enable different realizations of an IoT module while safely providing the same level of utility, e.g., if an air-conditioner application that is used to implement a cooling module conflicts with a CO2 monitor application that requires ventilation at home, a non-conflicting smart fan application will be suggested to the user. We evaluate RemedIoT on Samsung SmartThings applications and IFTTT applets and show that for 102 detected conflicts across 74 sample applications with 11 policies, RemedIoT is able to remediate ~ 80% of the conflicts found in the environment, which would normally be blocked by prior solutions. We further demonstrate the efficacy and scalability of our approach for smart city environments. 

Internet-of-Things (IoTs) are becoming more and more popular in our life. IoT devices are generally designed for sensing or actuation purposes. However, the current sensing system on IoT devices lacks the understanding of sensing needs, which diminishes the sensing flexibility, isolation, and security when multiple sensing applications need to use sensor resources. In this work, we propose VirtSense, an ARM TrustZone based virtual sensing system, to provide each sensing application a virtual sensor instance, which further enables a safe, flexible and isolated sensing environment on the IoT devices. Our preliminary results show that VirtSense: 1) can provide virtual sensor instance for each sensing application so that the sensing needs of each application will be satisfied without affecting others; 2) is able to enforce access control policy even under an untrusted environment.