Provenance Tracing in the Internet of Things


Qi Wang, Wajih Ul Hassan, Adam Bates, and Carl Gunter, University of Illinois at Urbana-Champaign


As the Internet of Things (IoT) continues to proliferate, diagnosing incorrect behavior within increasingly-automated homes becomes considerably more difficult. Devices and apps may be chained together in long sequences of trigger-action rules to the point that from an observable symptom (e.g., an unlocked door) it may be impossible to identify the distantly removed root cause (e.g., a malicious app). We present a platform-centric approach to centralized auditing in the Internet of Things. Our system performs efficient automated instrumentation of IoT apps in order to generate data provenance that provides a holistic explanation of system activities, including malicious behaviors. Here, we prototype our system for the Samsung SmartThings platform, and consider how it can be leveraged to meet the needs of a variety of stakeholders in the IoT ecosystem.

@conference {205192,
title = {Provenance Tracing in the Internet of Things},
year = {2017},
address = {Seattle, WA},
publisher = {USENIX Association},
month = jun