Security and Privacy in the Lifecycle of IoT for Consumer Environments (SPLICE) (2020-date)


Related website: [SPLICE-project.org]

Related keywords: [authentication], [iot], [mhealth], [privacy], [security], [sensors], [wearable]


Summary

This era of "Smart Things," in which everyday objects become imbued with computational capabilities and the ability to communicate with each other and with services across the Internet, creates novel security and privacy risks. SPLICE research addresses these risks by examining the human, social, and technological scope of the security and privacy challenges emerging in Smart Homes across a wide range of residential stakeholders, including owners, occupants, renters, visitors, and domestic workers.

What follows is a summary of SPLICE research by David Kotz and his students and postdocs. For more information about the SPLICE project, and a broader description of its contributions and publications (not just those including David Kotz and his students), see the SPLICE website.

Detecting anomalous behavior: VIA

VIA presents a method for detecting anomalous behavior in Bluetooth traffic, as observed by the central host -- with the goal of detecting malicious behavior by peripheral devices, or perhaps imposter peripherals that are spoofing legitimate peripherals; see the WiSec'21 paper [peters:via].

Detecting whether Wi-Fi device is inside or outside

A key challenge in securing a smart home is to detect whether a device belongs to one's own ecosystem, or to a neighbor -- or represents an unexpected adversary. An important part of determining whether a device is friend or adversary is to detect whether a device's location is within the physical boundaries of one's space (e.g. office, classroom, home). We proposed a system that, in a preliminary evaluation, was able to decide with 82% accuracy whether the location of an IoT device is inside or outside of a defined space based on a small number of transmitted Wi-Fi frames. See Paul Gralla's undergraduate thesis for details [gralla:inside-outside].


People

The following people were involved in SPLICE research at Dartmouth, or were co-authors on one or more of the papers cited here: Paul Gralla, David Kotz, Namya Malik, Beatrice Perez, Travis Peters, Timothy Pierson, Sougata Sen, Adam Vandenbussche, Kaiyao Weng.

Funding and acknowledgements

NSF Secure and Trustworthy Computing (SaTC) award 1955805.

The views and conclusions contained on this site and in its documents are those of the authors and should not be interpreted as necessarily representing the official position or policies, either expressed or implied, of the sponsor(s). Any mention of specific companies or products does not imply any endorsement by the authors or by the sponsor(s).


Papers (tagged 'splice')

This list includes only those including David Kotz as co-author or thesis advisor. For a complete list of SPLICE papers, see the SPLICE website.

[The list below is also available in BibTeX]

Papers are listed in reverse-chronological order. Follow updates with RSS.

2021:

[Kotz research]