TULIPS: Projects

Technology Usability Lab In Privacy and Security

IoT Awareness

The Internet of Things (IoT) has great potential for helping people in many aspects of their lives, however; it also has great potential to cause serious security and privacy issues. In this project we look at awareness around IoT, how people currently think about IoT devices, how to help them become better informed, and how to provide a better sense of control over the seemingly uncontrollable amount of data produced.

One of the first problems is understanding how IoT devices interact with the world around them, both in terms of how they communicate with the people who own them and how they interact with other computers both inside and outside their local networks. In an initial exploration of this space we investigated the unboxing of IoT devices and how to best capture all these aspects during a controlled unboxing of a new device [1]. Capturing all communications is actually surprisingly complex and requires recording from multiple angles including packet capture from several points, video capture of the human-visible components of the device, and capture of various aspects of the associated app, if any.

We have also started exploration of different ways to help people understand the types of network connections being formed between IoT devices and the Internet. As part of a series of student projects we put OpenVAS on a router and performed pcap capture of IoT devices. We are now exploring different ways to present the captured information to end users.

Publications

  1. Kami Vaniea, Ella Tallyn, and Chris Speed. Capturing the Connections: Unboxing Internet of Things Devices. arXiv:1708.00076, 2017.

People

Current

Funding

Research and projects here are partially funded by the following groups:

Related Student Projects

Project screenshot.

Interactive physical visual aid to support active learning in understanding DDoS concepts

Willy Halim Dinata (2016-2017, Masters Thesis)

Supervisor: Kami Vaniea

This project explored a new way to bring security awareness of Distributed Denial of Service (DDoS) attacks to the masses. The project consisted of a physical-visual aid showing participants a set of simulated Internet of Things (IoT) devices. Participants could interact with the IoT devices through a Facebook chat bot and use them to attack the video server in the center of the board. When all four IoT devices attack at once the video slows to a crawl.

Project screenshot.

Visualize router traffic

Constantinos Chrysostomou (2016-2016, Internship)

Supervisor: Kami Vaniea

The Internet of Things (IoT) can make it seem like we have lost control over where our data goes. In this project we took IoT traffic passing across a home network router and visualized where in the world the traffic was going in a live display. The system used D3 for the visualization and a system created by Nikolaos Tsirigotakis to do the packet capture.

Project screenshot.

A framework for an en masse network security evaluation and network flow analysis for the Internet of Things era

Nikolaos Tsirigotakis (2015-2016, Masters Thesis)

Supervisor: Kami Vaniea

Internet of Things (IoT) is characterized by rapid expansion on top of several different standards, protocols, and technologies, making security evaluation on a per-devices scale prohibitively time consuming. This project focused on building a router-based platform to change all that by allowing the automation of security checks.