Systems Security: Internet of Things, Mobile, Cloud, Virtualization

The lack of security in internet-connected smart devices (IoT) is disconcerting. For many years, botnets have been used to exploit security vulnerabilities found in poorly configured devices. Due to the outbreak of several high-profile DDoS attacks sourced by massive IoT botnets (Mirai) in late 2016, we were able to asses the magnitude of potential devastation unleashed by these devices. There are many hurdles to endure when grappling with IoT Security & Privacy. First of all, there exists of a plethora of networking standards, such as Zwave, Insteon, Bluetooth, Zigbee, Ethernet, Wifi, RS232, RS485, C-bus, UPB, KNX, EnOcean, Thread, etc. In general, there is a lack of system homogeneity among devices. They are produced by many manufacturers who employ shortcuts and/or bad designs unintentionally (or intentionally) for embedded devices. The environment that IoT devices are deployed in is diverse, for example devices are retrofitted into existing networks maintained by non-professionals at home or IT staff. Additionally, the operational complexity of IoT devices can be cumbersome. They can be managed and operated in numerous ways, and can be customized or chained together to achieve various purposes, e.g., home automation, etc.

IoT Malware Classification and Analysis

It is imperative that we “know the enemies”. Through understanding the architecture, design and potential evolution of IoT malware, we can anticipate the prospective impact it may present on emerging IoT devices. It is natural, from a research perspective, to understand what role the environment plays in malware/attacks against IoT. For instance, do certain attacks work only on printers, IP cameras, or CISCO routers? If so, how accurate does the environment reconstruction need to be in order to fool the attack? Simultaneously, the classification of malware samples into various groups offers insights into attackers' strategies, technology stacks, and identifying potential zero-day attacks.

IoT Device Behavior Modeling

We need to "know ourselves". It is paramount that we derive a baseline of what normal behavioral patterns for IoT devices looks like. By utilizing the baseline, we should have the ability to detect anomalies in a given environment.

IoT Security and Privacy (Nutrition) Labels

Generally, consumers have limited knowledge into the security and privacy implications when purchasing an IoT device. From NortonLifeLock’s vantage point, it is important to design a visually concise yet informative labeling system in order to convey such implications to the consumer. Moreover, the EU is considering a baseline security and privacy certificate system, where this research would be considerably impactful and influential.