Securing Internet-of-Things with Risk Optimization and the Blockchain

Ruozhou Yu

Event Details
Tuesday, March 5, 2019
Talk:
4 p.m., Avery 115

Reception:
3:30 p.m., Avery 348

Ruozhou Yu

Ph.D. Candidate, Arizona State University

Abstract

The Internet-of-Things (IoT) has the potential to revolutionize our daily lives. Yet, the complexity, heterogeneity and scale of IoT-based systems have led to new security risks in our digital or even physical lives. Left unchecked, the vulnerable IoT devices could not only leak sensitive information of the device owners, but could also be used as a powerful weapon against any other component of our Internet. This has been demonstrated in the recent large- scale DDoS attacks launched almost exclusively through IoT devices. With the capability of traditional security mechanisms being limited by the constrained resources of IoT devices, we are left with few choices in defending our cyber-physical world.

In this talk, I will focus on my efforts in addressing security in resource-constrained IoT, from the views of both the IoT provider and the end users. On one hand, the IoT provider can enhance overall system security by deploying in-network security functions, and we show how to deploy security functions that result in the maximum level of security of the IoT network. On the other hand, end users are also appealed to secure their own devices despite their limited control over the IoT infrastructure, and we show how to achieve decentralized trust-based security by building a blockchain-based secure access platform for resource-constrained IoT devices. While the proposed solutions target addressing the security of IoT, they also have applications and extensions beyond this specific context.

Speaker Bio

Ruozhou is a PhD candidate in the School of Computing, Informatics, and Decision System Engineering at Arizona State University. His research expertise lies at the intersection of cybersecurity, networking, and distributed systems. His current research interests include blockchain-based IoT, blockchain payment and state channels, IoT security and privacy, cloud and edge computing, etc. His work has been published on top-tier conferences and journals such as IEEE INFOCOM, IEEE JSAC and IEEE/ACM ToN. He has served as reviewers for top journals such as IEEE JSAC, TMC, TPDS, TWC, etc.