Document Type

Dissertation

Degree

Doctor of Philosophy (PhD)

Major/Program

Electrical Engineering

First Advisor's Name

Dr. A. Selcuk Uluagac

First Advisor's Committee Title

Committee chair

Second Advisor's Name

Dr. Kemal Akkaya

Second Advisor's Committee Title

Committee member

Third Advisor's Name

Dr. Alexander Perez-Pons

Third Advisor's Committee Title

Committee member

Fourth Advisor's Name

Dr. Bogdan Carbunar

Fourth Advisor's Committee Title

Committee member

Keywords

computer engineering, electrical and computer engineering, information security

Date of Defense

7-2-2020

Abstract

This doctoral dissertation introduces novel security frameworks to detect sensor-based threats on smart devices and applications in smart settings such as smart home, smart office, etc. First, we present a formal taxonomy and in-depth impact analysis of existing sensor-based threats to smart devices and applications based on attack characteristics, targeted components, and capabilities. Then, we design a novel context-aware intrusion detection system, 6thSense, to detect sensor-based threats in standalone smart devices (e.g., smartphone, smart watch, etc.). 6thSense considers user activity-sensor co-dependence in standalone smart devices to learn the ongoing user activity contexts and builds a context-aware model to distinguish malicious sensor activities from benign user behavior. Further, we develop a platform-independent context-aware security framework, Aegis, to detect the behavior of malicious sensors and devices in a connected smart environment (e.g., smart home, offices, etc.). Aegis observes the changing patterns of the states of smart sensors and devices for user activities in a smart environment and builds a contextual model to detect malicious activities considering sensor-device-user interactions and multi-platform correlation. Then, to limit unauthorized and malicious sensor and device access, we present, kratos, a multi-user multi-device-aware access control system for smart environment and devices. kratos introduces a formal policy language to understand diverse user demands in smart environment and implements a novel policy negotiation algorithm to automatically detect and resolve conflicting user demands and limit unauthorized access. For each contribution, this dissertation presents novel security mechanisms and techniques that can be implemented independently or collectively to secure sensors in real-life smart devices, systems, and applications. Moreover, each contribution is supported by several user and usability studies we performed to understand the needs of the users in terms of sensor security and access control in smart devices and improve the user experience in these real-time systems.

Identifier

FIDC009169

ORCID

https://orcid.org/0000-0002-0207-7154

Share

COinS
 

Rights Statement

Rights Statement

In Copyright. URI: http://rightsstatements.org/vocab/InC/1.0/
This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).