List of Members (starting from Principal Investigator):
Grant Source: DESC
Amount: 120,000 AED
Target Customer : Dubai Electronic Security Center (DESC)
Duration (start and end date): 2016-present
A brief description of the project (abstract):
Due to recent development and innovation in both hardware and software, the global network of networks, or Internet of Things (IoT), is finally becoming a reality. The IoT's diverse billions of communicating devices, or smart objects (SOs), enable a new paradigm of interactivity among all manner of things and people. With the rapid growth of Internet-of-Things (IoT) devices, security and privacy issues emerged as a potential roadblock for widespread adoption. Preliminary research indicates that many types of IoT devices have serious vulnerabilities. Authentication, or verifying the genuineness of smart devices and establishing trust for critical infrastructure, plays a vital role in the realization of the IoT. Testbeds for experimental IoT research have flourished, most focusing on usability issues such as scalability and heterogeneity. With an affordable IoT testbed at a university lab, experiments using tools categorized by SANS Critical Security Controls are conducted from both offense and defense sides.
In this project, we propose a testbed for investigation of security and privacy issues of IoT devices. Fundamental approach used in the testbed is to capture layer 2 and layer 3 packets and to analyze the packets for various features. Using the testbed, we can investigate security and privacy issues of a set of IoT devices. A large set of experiments can be conducted on IoT devices using the testbed including vulnerability scans, and penetration testing.
Both parties see the benefits of this project, have a desire to pursue the project and have determined that each brings unique expertise and experience necessary to accomplish the objectives outlined above.