Nowadays, Internet of things (IoT) devices (e.g., smart cameras, Amazon Alexa, GPS navigation devices) are increasingly popular in our daily life. In practice, IoT devices are usually supported by their infrastructures (such as cloud servers, blockchain systems) to provide a variety of services. Some examples are given as follows. First, smart home Wi-Fi IoT devices can connect to their IoT vendor servers over the Internet, and they can be remotely monitored and controlled. Second, IoT devices along with blockchain systems have been implemented in various industries including financial, supply chain management, smart agriculture, cryptocurrency-supported vending machine, etc. Third, IoT devices can produce/collect datasets (e.g., locations) and upload them to powerful public cloud servers for storage. Then, the cloud server (serves as the IoT infrastructure) can deliver different data queries (e.g., kNN queries) services to data users. For both IoT devices and IoT infrastructures, there are many security and efficiency challenges that are needed to be addressed. For example, IoT devices usually have limited hardware capabilities, so they may not support secure communications (i.e., SSL/TLS connections). Moreover, blockchain systems may suffer from double-spending attacks and public clouds may steal the datasets in their storage. In this work, we propose various solutions to address these security and efficiency challenges. They are introduced as follows.To address security and efficiency challenges in IoT devices, we have two studies. First, in our project targeting smart home Wi-Fi-connected IoT devices, we conduct an empirical study on how the cryptographic/security protocols (e.g., SSL/TLS) are supported on 40 popular Wi-Fi smart home IoT devices. Surprisingly, we discover two security vulnerabilities and show that adversaries can exploit them to hijack the victims' IoT devices or peek at victims' activities. To secure these smart home IoT devices, we present SecWIR (Secure Wi-Fi IoT communication Router) framework, which is deployed on the commercial off-the-shelf (COTS) home Wi-Fi routers. Our experimental results show that SecWIR can secure IoT devices at the expense of only a small reduction in the routing performance. Second, in our project on home digital voice assistants (HDVAs), we study the insecurity of HDVA services by using Amazon Alexa and Google Home as case studies. We disclose three security vulnerabilities that root in their insecure access control. The insecure access control means that HDVA devices not only solely rely on single-factor authentication but also take voice commands even if no people are around them. To address the venerability, we devise a Virtual Security Button (VSButton), which leverages a real-time outlier detection algorithm on Wi-Fi signal to detect indoor human motions. Only when indoor human motions are detected, VSButton activates the HDVA devices and allows them to accept voice commands. At last, we conduct experiments to demonstrate the efficiency and effectiveness of VSButton.To address security and efficiency challenges in IoT infrastructures, we have two studies. First, in our project on reducing the transaction validation time on Bitcoin blockchain, we focus on designing fast Bitcoin transaction validation protocols which can help to promote the IoT-blockchain services (e.g., Bitcoin-supported vending machine). Currently, a secure Bitcoin transaction requires the payee to wait for at least 6 block confirmations (one hour) to be validated. In our project, we propose BFastPay scheme to accelerate the Bitcoin transaction validation. BFastPay employs a smart contract called BFPayArbitrator to host the payer's security deposit and fulfills the role of a trusted payment arbitrator which guarantees that a payee always receives the payment even if attacks occur. BFastPay is a routing-free solution that eliminates the requirement for payment routing in the traditional transaction routing network (e.g., Lightning Network). The theoretical and experimental results show that BFastPay is able to significantly reduce the Bitcoin transaction waiting time. Second, in our project on providing secure IoT-cloud service, we focus on k nearest neighbor (kNN) queries service. Nowadays, location service providers (LSPs) often resort to IoT devices (e.g., GPS navigation devices) to collect geospatial data. In practice, LSPs may rely on commercial cloud services, e.g., Dropbox, to store the tremendous geospatial data and deal with a number of user queries. However, it is challenging to achieve a secure and efficient location-based query processing over encrypted geospatial data stored on the untrusted cloud. In this project, we propose SecEQP (Secure and Efficient Queries Processing) scheme to address the secure kNN query problem. Our theoretical analysis and experimental evaluation demonstrate that SecEQP is secure and efficient.In summary, we successfully address the security and efficiency challenges in different IoT devices (including smart home IoT devices and HDVAs) and IoT infrastructures (including blockchain systems and cloud servers) in this work. We believe that our work can promote the fast growth of the IoT industry.
Read
