Using malware for software-defined networking–based smart home security management through a taint checking approach

P. Wang, Kuo-Ming Chao, C.-C. Lo, W.-H. Lin, H.-C. Lin, W.-J. Chao

Research output: Contribution to journalArticle

3 Citations (Scopus)
24 Downloads (Pure)

Abstract

Numerous security concerns exist in smart home systems in which Internet of Things devices are connected through a home network to enable control using a centralised gateway with a handset device from the Internet. Safeguarding personal information privacy is an increasing concern in smart living services. To guarantee the mobile security of smart living services, security managers use taint checking approaches with dynamic taint propagation analysis operations to examine how a software-defined networking app uses sensitive information and investigate suspicious security vulnerabilities of devices and the effects of the spread of taint propagation over the Internet by identifying taint paths. For solving the dynamic taint propagation analysis problem, most approaches focus on cloud computing applications (apps) with malware threat analysis that involves program vulnerability analyses, rather than on the risk posed by suspicious apps connected to the cloud computing server. Accordingly, this article proposes a taint propagation analysis model incorporating a weighted spanning tree analysis scheme for tracking data with taint marking using several taint checking tools with an open software-defined networking architecture for solving the dynamic taint propagation analysis problem. In the proposed model, Android programs perform dynamic taint propagation to analyse the spread of risks posed by suspicious apps connected to the centralised gateway in a smart home system. In probabilistic risk analysis, risk and defence capability are used for each taint path to assist a defender in recognising the attack results against network threats caused by malware infection and to estimate the losses of associated taint sources. A case of threat analysis of a typical cyber security attack is presented to demonstrate the proposed approach. A new approach was used for verifying the details of an attack sequence for malware infection by incorporating a finite state machine to appropriately represent the real dynamic taint propagation analysis situations at various configuration settings and safeguard deployment. The experimental results proved that the threat analysis model enables a defender to convert the spread of taint propagation to loss and estimate the risk of a specific threat using behavioural analysis associated with 60 families of real malware. Consequently, our scheme was significantly effective in predicting the risk and loss of tainted data propagation for security concerns in smart home systems when the number of taint paths associated with the propagation rules discovered through taint analysis was increased.
Original languageEnglish
Article number1550147716662947
JournalInternational Journal of Distributed Sensor Networks
Volume12
Issue number8
DOIs
Publication statusPublished - 24 Aug 2016

Fingerprint

Cloud computing
Internet
Home networks
Gateways (computer networks)
Finite automata
Risk analysis
Managers
Servers
Malware
Software defined networking
Mobile security
Internet of things

Bibliographical note

This article is distributed under the terms of the Creative Commons Attribution 3.0 License (http://www.creativecommons.org/licenses/by/3.0/) which permits any use, reproduction and distribution of the work without further permission provided the original work is attributed as specified on the SAGE and Open Access page (https://us.sagepub.com/en-us/nam/open-access-at-sage).

Keywords

  • Mobile security
  • taint checking
  • software-defined networking
  • dynamic taint propagation
  • smart home system

Cite this

Using malware for software-defined networking–based smart home security management through a taint checking approach. / Wang, P.; Chao, Kuo-Ming; Lo, C.-C.; Lin, W.-H.; Lin, H.-C.; Chao, W.-J.

In: International Journal of Distributed Sensor Networks, Vol. 12, No. 8, 1550147716662947, 24.08.2016.

Research output: Contribution to journalArticle

@article{4103fc78bda143a793cb2943101b5047,
title = "Using malware for software-defined networking–based smart home security management through a taint checking approach",
abstract = "Numerous security concerns exist in smart home systems in which Internet of Things devices are connected through a home network to enable control using a centralised gateway with a handset device from the Internet. Safeguarding personal information privacy is an increasing concern in smart living services. To guarantee the mobile security of smart living services, security managers use taint checking approaches with dynamic taint propagation analysis operations to examine how a software-defined networking app uses sensitive information and investigate suspicious security vulnerabilities of devices and the effects of the spread of taint propagation over the Internet by identifying taint paths. For solving the dynamic taint propagation analysis problem, most approaches focus on cloud computing applications (apps) with malware threat analysis that involves program vulnerability analyses, rather than on the risk posed by suspicious apps connected to the cloud computing server. Accordingly, this article proposes a taint propagation analysis model incorporating a weighted spanning tree analysis scheme for tracking data with taint marking using several taint checking tools with an open software-defined networking architecture for solving the dynamic taint propagation analysis problem. In the proposed model, Android programs perform dynamic taint propagation to analyse the spread of risks posed by suspicious apps connected to the centralised gateway in a smart home system. In probabilistic risk analysis, risk and defence capability are used for each taint path to assist a defender in recognising the attack results against network threats caused by malware infection and to estimate the losses of associated taint sources. A case of threat analysis of a typical cyber security attack is presented to demonstrate the proposed approach. A new approach was used for verifying the details of an attack sequence for malware infection by incorporating a finite state machine to appropriately represent the real dynamic taint propagation analysis situations at various configuration settings and safeguard deployment. The experimental results proved that the threat analysis model enables a defender to convert the spread of taint propagation to loss and estimate the risk of a specific threat using behavioural analysis associated with 60 families of real malware. Consequently, our scheme was significantly effective in predicting the risk and loss of tainted data propagation for security concerns in smart home systems when the number of taint paths associated with the propagation rules discovered through taint analysis was increased.",
keywords = "Mobile security, taint checking, software-defined networking, dynamic taint propagation, smart home system",
author = "P. Wang and Kuo-Ming Chao and C.-C. Lo and W.-H. Lin and H.-C. Lin and W.-J. Chao",
note = "This article is distributed under the terms of the Creative Commons Attribution 3.0 License (http://www.creativecommons.org/licenses/by/3.0/) which permits any use, reproduction and distribution of the work without further permission provided the original work is attributed as specified on the SAGE and Open Access page (https://us.sagepub.com/en-us/nam/open-access-at-sage).",
year = "2016",
month = "8",
day = "24",
doi = "10.1177/1550147716662947",
language = "English",
volume = "12",
journal = "International Journal of Distributed Sensor Networks",
issn = "1550-1329",
publisher = "SAGE Publications",
number = "8",

}

TY - JOUR

T1 - Using malware for software-defined networking–based smart home security management through a taint checking approach

AU - Wang, P.

AU - Chao, Kuo-Ming

AU - Lo, C.-C.

AU - Lin, W.-H.

AU - Lin, H.-C.

AU - Chao, W.-J.

N1 - This article is distributed under the terms of the Creative Commons Attribution 3.0 License (http://www.creativecommons.org/licenses/by/3.0/) which permits any use, reproduction and distribution of the work without further permission provided the original work is attributed as specified on the SAGE and Open Access page (https://us.sagepub.com/en-us/nam/open-access-at-sage).

PY - 2016/8/24

Y1 - 2016/8/24

N2 - Numerous security concerns exist in smart home systems in which Internet of Things devices are connected through a home network to enable control using a centralised gateway with a handset device from the Internet. Safeguarding personal information privacy is an increasing concern in smart living services. To guarantee the mobile security of smart living services, security managers use taint checking approaches with dynamic taint propagation analysis operations to examine how a software-defined networking app uses sensitive information and investigate suspicious security vulnerabilities of devices and the effects of the spread of taint propagation over the Internet by identifying taint paths. For solving the dynamic taint propagation analysis problem, most approaches focus on cloud computing applications (apps) with malware threat analysis that involves program vulnerability analyses, rather than on the risk posed by suspicious apps connected to the cloud computing server. Accordingly, this article proposes a taint propagation analysis model incorporating a weighted spanning tree analysis scheme for tracking data with taint marking using several taint checking tools with an open software-defined networking architecture for solving the dynamic taint propagation analysis problem. In the proposed model, Android programs perform dynamic taint propagation to analyse the spread of risks posed by suspicious apps connected to the centralised gateway in a smart home system. In probabilistic risk analysis, risk and defence capability are used for each taint path to assist a defender in recognising the attack results against network threats caused by malware infection and to estimate the losses of associated taint sources. A case of threat analysis of a typical cyber security attack is presented to demonstrate the proposed approach. A new approach was used for verifying the details of an attack sequence for malware infection by incorporating a finite state machine to appropriately represent the real dynamic taint propagation analysis situations at various configuration settings and safeguard deployment. The experimental results proved that the threat analysis model enables a defender to convert the spread of taint propagation to loss and estimate the risk of a specific threat using behavioural analysis associated with 60 families of real malware. Consequently, our scheme was significantly effective in predicting the risk and loss of tainted data propagation for security concerns in smart home systems when the number of taint paths associated with the propagation rules discovered through taint analysis was increased.

AB - Numerous security concerns exist in smart home systems in which Internet of Things devices are connected through a home network to enable control using a centralised gateway with a handset device from the Internet. Safeguarding personal information privacy is an increasing concern in smart living services. To guarantee the mobile security of smart living services, security managers use taint checking approaches with dynamic taint propagation analysis operations to examine how a software-defined networking app uses sensitive information and investigate suspicious security vulnerabilities of devices and the effects of the spread of taint propagation over the Internet by identifying taint paths. For solving the dynamic taint propagation analysis problem, most approaches focus on cloud computing applications (apps) with malware threat analysis that involves program vulnerability analyses, rather than on the risk posed by suspicious apps connected to the cloud computing server. Accordingly, this article proposes a taint propagation analysis model incorporating a weighted spanning tree analysis scheme for tracking data with taint marking using several taint checking tools with an open software-defined networking architecture for solving the dynamic taint propagation analysis problem. In the proposed model, Android programs perform dynamic taint propagation to analyse the spread of risks posed by suspicious apps connected to the centralised gateway in a smart home system. In probabilistic risk analysis, risk and defence capability are used for each taint path to assist a defender in recognising the attack results against network threats caused by malware infection and to estimate the losses of associated taint sources. A case of threat analysis of a typical cyber security attack is presented to demonstrate the proposed approach. A new approach was used for verifying the details of an attack sequence for malware infection by incorporating a finite state machine to appropriately represent the real dynamic taint propagation analysis situations at various configuration settings and safeguard deployment. The experimental results proved that the threat analysis model enables a defender to convert the spread of taint propagation to loss and estimate the risk of a specific threat using behavioural analysis associated with 60 families of real malware. Consequently, our scheme was significantly effective in predicting the risk and loss of tainted data propagation for security concerns in smart home systems when the number of taint paths associated with the propagation rules discovered through taint analysis was increased.

KW - Mobile security

KW - taint checking

KW - software-defined networking

KW - dynamic taint propagation

KW - smart home system

U2 - 10.1177/1550147716662947

DO - 10.1177/1550147716662947

M3 - Article

VL - 12

JO - International Journal of Distributed Sensor Networks

JF - International Journal of Distributed Sensor Networks

SN - 1550-1329

IS - 8

M1 - 1550147716662947

ER -