How to curtail oversensing in the home

Recent THaW paper:

Future homes are an IoT hotspot that will be particularly at risk. Sensitive information such as passwords, identification, and financial transactions are abundant in the home—as are sensor systems such as digital assistants, smartphones, and interactive home appliances that may unintentionally capture this sensitive information. For example, how motion sensors can capture nearby sounds, including words and keystrokes. We call this oversensing: where authorized access to sensor data provides an application with superfluous and potentially sensitive information. Manufacturers and system designers must employ the principle of least privilege at a more fine-grained level and with awareness of how often different sensors overlap in the sensitive information they leak. We project that directing technical efforts toward a more holistic conception of sensor data in system design and permissioning will reduce risks of oversensing.

Connor Bolton, Kevin Fu, Josiah Hester, and Jun Han. How to curtail oversensing in the homeCommunications of the ACM 63(6), pages 20–24, June 2020. ACM. DOI: 10.1145/3396261

New THaW Patent

The THaW team is pleased to announce one new patent derived from THaW research. For the complete list of patents, visit our Tech Transfer page.

Abstract: Systems and methods are disclosed for providing a trusted computing environment that provides data security in commodity computing systems. Such systems and methods deploy a flexible architecture comprised of distributed trusted platform modules (TPMs) configured to establish a root-of-trust within a heterogeneous network environment comprised of non-TPM enabled IoT devices and legacy computing devices. A data traffic module is positioned between a local area network and one or more non-TPM enabled IoT devices and legacy computing devices, and is configured to control and monitor data communication among such IoT devices and legacy computing devices and from such IoT devices and legacy computing devices to external computers. The data traffic module supports attestation of the IoT devices and legacy computing devices, supports secure boot operations of the IoT devices and legacy computing devices, and provides tamper resistance to such IoT devices and legacy computing devices.

Kevin Kornegay and Willie Lee Thompson II. Decentralized Root-of-Trust Framework for Heterogeneous Networks, November 2020. Morgan State University; USPTO. Download from

VibeRing: Using vibrations from a smart ring as an out-of-band channel for sharing secret keys

A recent THaW paper was nominated for Best Paper at the IoT conference:

With the rapid growth in the number of Internet of Things (IoT) devices with wireless communication capabilities, and sensitive information collection capabilities, it is becoming increasingly necessary to ensure that these devices communicate securely with only authorized devices. A major requirement of this secure communication is to ensure that both the devices share a secret, which can be used for secure pairing and encrypted communication. Manually imparting this secret to these devices becomes an unnecessary overhead, especially when the device interaction is transient. In this work, we empirically investigate the possibility of using an out-of-band communication channel – vibration, generated by a custom smartRing – to share a secret with a compatible IoT device. Through a user study with 12 participants we show that in the best case we can exchange 85.9% messages successfully. Our technique demonstrates the possibility of sharing messages accurately, quickly and securely as compared to several existing techniques.

Sougata Sen and David Kotz. VibeRing: Using vibrations from a smart ring as an out-of-band channel for sharing secret keys. In Proceedings of the International Conference on the Internet of Things (IoT), page Article#13 (8 pages), October 2020. ACM. DOI: 10.1145/3341162.3343818

Wanda – Securely introducing mobile devices

A few years ago we posted a fun video describing our Wanda approach to securely introduce mobile devices to a Wi-Fi network… or to each other.  Wanda was published in INFOCOM 2016; since then we’ve refined the technique with the CloseTalker (MobiSys 2019) and SNAP (MobiCom 2019).  We just made a new Wanda video, which we hope you’ll enjoy!

IoT Two-Factor Neurometric Authentication

Angel Rodriguez, Sara Rampazzi, and Kevin Fu recently had a poster accepted titled IoT Two-Factor Neurometric Authentication System using Wearable EEG:

Abstract: The IoT authentication space suffers from various user-sided drawbacks, such as poor password choice, the accidental publication of biometric data, and the practice of disabling authentication completely. This is commonly attributed to the “Security vs Usability” problem – generally, the stronger the authentication, the more inconvenient it is to perform and maintain for the user. Neurometric authentication offers a compelling resistance to eavesdropping and replay attacks, and the ability for a user to simply “think to unlock”. Furthermore, the recent increase in popularity of consumer EEG devices, as well as new research demonstrating its accuracy, have made EEG-based neurometric authentication much more viable.

Using a Support Vector Machine and one-time tokens, we present a secure two-factor authentication method, that allows a user to authenticate multiple IoT devices. We perform preliminary trials on the Psyionet BCI dataset and demonstrate a qualitative comparison of extracted EEG feature sets.

RampazziLeft: IoT two factor authentication scheme –  (1)  After internal user-thought authentication, the  device securely sends a one-time token to the IoT device. (2) The IoT device securely communicates with a server to verify the token. (3) If the token is verified, the server sends a secure confirmation reply to the IoT device, authenticating the user. Right: Proof of concept using the Psyionet BCI dataset – The top row shows the averaged covariance matrices of the extracted features of two different users thinking about the same mental task (imagining closing their fists). The bottom row shows similar features for one user thinking of two different tasks (imagine closing both fists vs both feet).

Proceedings of the IEEE Workshop on the Internet of Safe Things (SafeThings), May 2019. Accepted, publication pending.


Testimony in support of IoT Security

Professor Avi Rubin recently testified at a Maryland State Senate Finance Committee, hearing regarding a bill about IoT security [February 26, 2019].  Below are his remarks.

My name is Avi Rubin, and I am a full professor of Computer Science at Johns Hopkins University and Technical Director of our Information Security Institute. I am also the Founder and Chief Scientist of Harbor Labs, a Maryland CyberSecurity company that has developed an IoT Security Analysis product. I have been an active researcher in the area of Computer and Network Security since 1992. The primary focus of my research is Security for the Internet of Things (IoT Security). These are the types of connected devices that are addressed in SB 553.

Continue reading

Securing the life-cycle of Smart Environments (video)

This one-hour talk by David Kotz was presented at ARM Research in Austin, TX at the end of January 2019.  The first half covers some recent THaW research about Wanda and SNAP and the second half lays out some security challenges in the Internet of Things.  Watch the video below.

Abstract: The homes, offices, and vehicles of tomorrow will be embedded with numerous “Smart Things,” networked with each other and with the Internet. Many of these Things interact with their environment, with other devices, and with human users – and yet most of their communications occur invisibly via wireless networks.  How can users express their intent about which devices should communicate – especially in situations when those devices have never encountered each other before?   We present our work exploring novel combinations of physical proximity and user interaction to ensure user intent in establishing and securing device interactions. 

What happens when an occupant moves out or transfers ownership of her Smart Environment?  How does an occupant identify and decommission all the Things in an environment before she moves out?  How does a new occupant discover, identify, validate, and configure all the Things in the environment he adopts?  When a person moves from smart home to smart office to smart hotel, how is a new environment vetted for safety and security, how are personal settings migrated, and how are they securely deleted on departure?  When the original vendor of a Thing (or the service behind it) disappears, how can that Thing (and its data, and its configuration) be transferred to a new service provider?  What interface can enable lay people to manage these complex challenges, and be assured of their privacy, security, and safety?   We present a list of key research questions to address these important challenges.