Ph.D. Dissertation Defense - Omar Alrawi

Title: A Systematic Approach for Assessing Security Flaws and Threats in IoT Deployments

Committee:

Dr. Manos Antonakakis, ECE, Chair, Advisor

Dr. Fabian Monrose, UNC, Co-Advisor

Dr. Mustaque Ahamad, CoC

Dr. Douglas Blough, ECE

Dr. Roberto Perdisci, UGA

Dr. Michael Bailey, CoC

Abstract: The IoT computing paradigm opens the door to many innovative industrial, medical, and consumer applications. These IoT systems, however, are becoming increasingly complex, coupled, and software-dependent. This complexity also opens the door to attacks and abuse that can have a real-world impact on critical infrastructure or, worse, cause physical harm. Traditional security assessment approaches are ad-hoc and do not generalize well to modern IoT deployments. Furthermore, the scope is often narrow and focuses on specific components of IoT systems. Worse still, security assessments and threat analyses are often independently studied, which creates a gap between the identification and exploitation of vulnerabilities. This dissertation presents holistic and systematic frameworks that combine network and binary analysis to identify vulnerabilities and their likelihood of transpiring in real-world IoT deployments. The contributions consist of three large-scale studies, each of which is based on insights from the previous. First, I propose a generalizable and objective security assessment standard for smart-home IoT deployments that I apply to 45 diverse devices and their mobile apps, cloud endpoints, and network communication. The results reveal a disproportional number of flaws affecting the mobile app and cloud backend components, which warranted a deeper investigation. The second study designs and builds a data-driven security assessment pipeline for mobile cloud backends to automatically find and attribute vulnerabilities in different software layers. The sheer number of known and unknown vulnerabilities we found motivated my third study to investigate what and how attackers abuse these security flaws. I propose a principled framework that captures the lifecycle of Linux-based IoT malware to uncover how attackers target vulnerable IoT devices and characterize their malware. These studies, and their novel integration of end-host binary program analysis and network vulnerability analysis that enables them, have introduced holistic, generalizable, and reproducible scientific methodologies that reveal far more than traditional security and threat analysis studies for networked systems.

Status

  • Workflow Status: Published
  • Created By: Daniela Staiculescu
  • Created: 07/25/2022
  • Modified By: Daniela Staiculescu
  • Modified: 07/25/2022