ForeSee: A cross-layer vulnerability detection framework for the internet of things

Zheng Fang, Hao Fu, Tianbo Gu, Zhiyun Qian, Trent Jaeger, Prasant Mohapatra

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The exponential growth of Internet-of-Things (IoT) devices not only brings convenience but also poses numerous challenging safety and security issues. IoT devices are distributed, highly heterogeneous, and more importantly, directly interact with the physical environment. In IoT systems, the bugs in device firmware, the defects in network protocols, and the design flaws in system configurations all may lead to catastrophic accidents, causing severe threats to people's lives and properties. The challenge gets even more escalated as the possible attacks may be chained together in a long sequence across multiple layers, rendering the current vulnerability analysis inapplicable. In this paper, we present ForeSee, a cross-layer formal framework to comprehensively unveil the vulnerabilities in IoT systems. ForeSee generates a novel attack graph that depicts all of the essential components in IoT, from low-level physical surroundings to high-level decision-making processes. The corresponding graph-based analysis then enables ForeSee to precisely capture potential attack paths. An optimization algorithm is further introduced to reduce the computational complexity of our analysis. The illustrative case studies show that our multilayer modeling can capture threats ignored by the previous approaches.

Original languageEnglish (US)
Title of host publicationProceedings - 2019 IEEE 16th International Conference on Mobile Ad Hoc and Smart Systems, MASS 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages236-244
Number of pages9
ISBN (Electronic)9781728146010
DOIs
StatePublished - Nov 2019
Event16th IEEE International Conference on Mobile Ad Hoc and Smart Systems, MASS 2019 - Monterey, United States
Duration: Nov 4 2019Nov 7 2019

Publication series

NameProceedings - 2019 IEEE 16th International Conference on Mobile Ad Hoc and Smart Systems, MASS 2019

Conference

Conference16th IEEE International Conference on Mobile Ad Hoc and Smart Systems, MASS 2019
CountryUnited States
CityMonterey
Period11/4/1911/7/19

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'ForeSee: A cross-layer vulnerability detection framework for the internet of things'. Together they form a unique fingerprint.

  • Cite this

    Fang, Z., Fu, H., Gu, T., Qian, Z., Jaeger, T., & Mohapatra, P. (2019). ForeSee: A cross-layer vulnerability detection framework for the internet of things. In Proceedings - 2019 IEEE 16th International Conference on Mobile Ad Hoc and Smart Systems, MASS 2019 (pp. 236-244). [9077392] (Proceedings - 2019 IEEE 16th International Conference on Mobile Ad Hoc and Smart Systems, MASS 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/MASS.2019.00036