Month: March 2020

Investigating Privacy Threats in Smart Homes

/ bugejajoseph / Leave a comment

On Tuesday, I gave a presentation at PerCom 2020. This was the first time, the conference was held completely online (due to the global pandemic of COVID-19), and speakers were asked to deliver their presentations remotely over Zoom.

In my case, I gave two live presentations in the Work In Progress (WiP) session being chaired by Diane Cook.  During this time, I discussed how smart connected homes can be formally modeled so that privacy threats can be systematically identified and analyzed.  Take a look at my short teaser clip below.

In case you are interested in the accompanying poster for my presentation, you can access it either from my Presentations menu tab or otherwise by clicking here.  Also, I have uploaded the slides for the video which you can access here.

As always, please feel free to contact me in case you want to know more about this paper, and about security and privacy in general. Finally, I want to remind and encourage you to submit to PerCom or its workshops. You can get some high-quality feedback on your work that can help you improve it and more.

The Current State of IoT Security and a Glimpse Into The Future

/ bugejajoseph / Leave a comment

On Tuesday 10th March, I  was invited to give a guest lecture about IoT security in Blekinge Tekniska Högskola (BTH) in Karlskrona, Sweden. Karlskrona is approximately 3 hours away from Malmö.

During my lecture, I gave realistic examples of attacks that targeted IoT systems. For instance, attacks targeting consumer drones, electric cars, and IP cameras. I also discussed the technical, procedural, and human challenges involved in securing IoT and some safeguards.

Blekinge Tekniska Högskola.

In the future, I will work to automate IoT security.  Similar to smart devices acting autonomously to perceive and act on their environment, IoT security should evolve towards greater autonomy in detecting threats and reacting to attacks. This evolution relates to the autoimmunity of smart devices allowing for the prevention and containment of attacks in hostile environments.

You can access a condensed version of my lecture here.

 

Presenting my research project at LTH

/ bugejajoseph / Leave a comment

On 4 March 2020, I had the opportunity to present my PhD research project at Lund University.  My presentation titled “Security and privacy in smart connected homes” was held in front of a mixed audience, consisting of key industry professionals and well-established academics.  Many interesting questions were raised after each presentation. Two questions directed to me were about updates concerning attacks targeting smart speaker systems, and another one whether secure regions within the home area network can be configured to have parts of the home or the entire home offline.

The workshop opening slide by Prof. Per Runeson.

Moving on to the discussion part of the workshop there were different takeaways. One of the main ones was the difficulty of instilling security awareness, especially to the general consumer when purchasing and using IoT products. One can have a lot of security features embedded in his product but if the customer is not aware of those or does not know how to enable them then that is a challenge. Another key point that was shared across multiple presentations and raised as a discussion item,  was the huge spike of vulnerabilities being reported, especially during the past 3 years.  Here, it is interesting to investigate what is actually being targeted and the causes of that.  Perhaps, this is not only related to the digitization of ‘everything’ but as well to the constant reuse of software code, including the heavy reliance on software frameworks (including some operating systems that may have not been properly audited).  Organizations should remember that in addition to the tangible benefits you gain from building your software from reusable modular and perhaps opensource components you automatically inherit security vulnerabilities and risks.

My presentation at LTH.

I highly encourage you to attend this quarterly workshop especially if you are into software engineering but even if you are not. Certainly, you can learn about what’s happening from the research side but as well from industry professionals. Besides, it is a good opportunity to network and share ideas with other likeminded people!

Check the workshop agenda: https://www.lth.se/digitalth/events/?event=softwarelth-workshop-internet-of-things-and-security

Strengthen your academic writing skills with this resource

/ bugejajoseph / Leave a comment

If you are planning on writing a scholarly publication, maybe it is your first research article, you want to make sure that you use the appropriate jargon for that. This is especially if you are a non-native speaker of English. A truly good resource that can help in that is the Academic Phrasebank maintained by The University of Manchester.

This resource provides numerous examples of phraseological “nuts and bolts” for writing organized according to the main sections of a research paper or dissertation. The phrases in this resource have been extracted from authentic academic sources including postgraduate dissertations and phrases from academic articles drawn from a broad spectrum of disciplines.

Consider consulting it for your next manuscript.