ContexIoT: Towards Providing Contextual Integrity to Appified IoT Platforms


Summary

The Internet-of-Things (IoT) has quickly evolved to a new appified era where third-party developers can write apps for IoT platforms using programming frameworks. Like other appified platforms, e.g., the smartphone platform, the permission system plays an important role in platform security. However, design flaws in current IoT platform permission models have been reported recently, exposing users to significant harm such as break-ins and theft. To solve these problems, a new access control model is needed for both current and future IoT platforms. In this paper, we propose ContexIoT, a context-based permission system for appified IoT platforms that provides contextual integrity by supporting fine-grained context identification for sensitive actions, and runtime prompts with rich context information to help users perform effective access control. Context definition in ContexIoT is at the inter-procedure control and data flow levels, which we show to be more comprehensive than previous context-based permission systems for the smartphone platform. ContexIoT is designed to be backward compatible and thus can be directly adopted by current IoT platforms. We prototype ContexIoT on the Samsung SmartThings platform, with an automatic app patching mechanism developed to support unmodified commodity SmartThings apps. To evaluate the system’s effectiveness, we perform the first extensive study of possible attacks on appified IoT platforms by reproducing reported IoT attacks and constructing new IoT attacks based on smartphone malware classes. We categorize these attacks based on lifecycle and adversary techniques, and build the first taxonomized IoT attack app dataset. Evaluating ContexIoT on this dataset, we find that it can effectively distinguish the attack context for all the tested apps. The performance evaluation on 283 commodity IoT apps shows that the app patching adds nearly negligible delay to the event triggering latency, and the permission request frequency is far below the threshold that is considered to risk user habituation or annoyance.


Code:

  • Code for the attacks is available here.
  • Code for the ContexIoT analysis is available here.
  • The SmartApps dataset used in the ContexIoT paper is available here.

Research Paper

Download PDF 

When referring to our work, please cite it as:

Yunhan Jack Jia, Qi Alfred Chen, Shiqi Wang, Amir Rahmati, Earlence Fernandes, Z. Morley Mao, and Atul Prakash 
ContexIoT: Towards Providing Contextual Integrity to Appified IoT Platforms 
21st Network and Distributed Security Symposium (NDSS 2017), Feb 2017

or, use BibTeX for citation:

@InProceedings{contexiot17,
     author = {Yunhan Jack Jia and Qi Alfred Chen and Shiqi Wang and Amir Rahmati and Earlence Fernandes and Z. Morley Mao and Atul Prakash},
     title = {{ContexIoT: Towards Providing Contextual Integrity to Appified IoT Platforms}},
     booktitle = {21st Network and Distributed Security Symposium},
     month = {February},
     year = 2017
}

Team

Yunhan Jack Jia, Ph.D. Candidate, University of Michigan
Qi Alfred Chen, Ph.D. Candidate, University of Michigan
Shiqi Wang
Amir Rahmati, Ph.D. Candidate, University of Michigan
Earlence Fernandes, Ph.D. Candidate, University of Michigan
Z. Morley Mao, Professor, University of Michigan
Atul Prakash, Professor, University of Michigan

Acknowledgements