Security and Privacy of IoT Apps and Devices

Event Details
Thursday, September 28, 2023
3:30 p.m., 115 Avery Hall

4:30 p.m., 115 Avery Hall

Selcuk Uluagac, Ph.D.

Eminent Scholar Chaired Professor, Knight Foundation School of Computing and Information Science at Florida International University (FIU)


Cyber space is expanding fast with the introduction of new Internet of Things (IoT) and CPS devices. Wearables, smart watches, smart glasses, fitness trackers, medical devices, Internet-connected house appliances and vehicles have grown exponentially in a short period of time. Given the increasingly critical nature of the cyberspace of these IoT devices and applications, it is imperative that they are secured against malicious activities. In this talk, I will introduce different current research projects in Cyber-Physical Systems Security Lab (CSL) ( related to the security and privacy of IoT devices and applications, highlighting how different machine learning algorithms enabled impeccable results: (1) The first topic will introduce the sensory channel threats to CPS and IoT systems. I will discuss how using sensory channels (e.g., light, temperature, infrared), an adversary can successfully attack IoT/CPS applications and devices. (2) The second topic will introduce the design of a novel IoT device fingerprinting and identification framework to complement existing security solutions (e.g., authentication and access control) in identifying IoT devices (i.e., ensuring the devices are actually who they are). (3) The third topic will focus on how IoT devices deployed in smart settings (e.g., home, office) can leak sensitive information (events, activities) from different IoT apps and implementations even if the traffic is encrypted. (4) I will introduce a usable wearable- assisted continuous authentication framework where a wearable device (e.g., smartwatch) is used to authenticate a computer user continuously utilizing the motion sensors ofthe wearable. Finally, (5) I will share our most recent work in detecting illegal bitcoin operations (i.e., cryptojacking) that uses machine learning techniques to accurately detect the presence of unwarranted cryptomining activity in real-time.

Speaker Bio

Dr. Uluagac is currently an Eminent Scholar Chaired Professor in the Knight Foundation School of Computing and Information Science at Florida International University (FIU), where he leads the Cyber-Physical Systems Security Lab, with an additional courtesy appointment in the Department of Electrical and Computer Engineering. Before FIU, he was a Senior Research Engineer at Georgia Tech and Symantec. He holds a PhD from Georgia Tech and MS from Carnegie Mellon University. In 2015, Dr. Uluagac received a Faculty Early Career Development (CAREER) Award from the US National Science Foundation (NSF), which is NSF’s most prestigious award in support of junior faculty who exemplify the role of teacher-scholars through outstanding research, excellent education and the integration ofeducation and research within the context ofthe mission oftheir organizations. In 2015, he was awarded the US Air Force Office of Sponsored Research (AFOSR)’s Summer Faculty Fellowship. In 2016, he received the Faculty Fellowship from the University of Padova, Italy. He has also received other awards for the quality of his mentoring and research, including (1) FIU Provost Office Top Scholar Award in Established Faculty with Significant Grants (STEM Category), 2023, (2) FIU Faculty Senate Research Excellence Award, 2023, (3) FIU Provost Office Top Scholar Award in Faculty with Notable Gains in Student Learning and Success (Sciences) Category, 2021, (4) FIU College of Engineering and Computing Faculty Award in Excellence in Research and Creative Activities Category, 2021, (5) FIU Eminent Scholar Chaired Associate Professor in the College of Engineering and Computing 2020. In 2021, he received Google’s Android Security and Privacy (ASPIRE) Research award and received a fellowship from the Sapienza University of Rome, Italy in 2022.

He is an expert in the areas of cybersecurity and privacy with an emphasis on their practical and applied aspects and teaches classes in these areas. He has hundreds of research papers/studies/publications in the most reputable venues. His research in cybersecurity and privacy has been funded by numerous government agencies and industry, including the US NSF, the US Dept. of Energy, US Air Force Research Lab, US Dept. of Labor, Cyber Florida, Google, Microsoft, TrendMicro, and Cisco, inter alia. He is very entrepreneurial and visionary with his research. Many of his research ideas have resulted in patents (17 total) with one licensed to a company recently.

He is an active member of IEEE and ACM and a regular contributor to national panels and leading journals and conferences in the field. He has served on the program committees of top-tier security conferences such as IEEE S&P (Oakland), NDSS, USENIX, inter alia. He was the General Chair of ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec) in 2019. He is the TPC Chair of ACM CCS 2023 Security & ML Track, TPC Co-Chair of2022 IEEE CNS. In 2018, he co-chaired the NIST’s National Initiative for Cybersecurity Education Annual Expo and Conference. Currently, he serves on the editorial boards of IEEE Transactions of Information Forensics and Security (Deputy Editor-in-Chief), IEEE Transactions on Mobile Computing, and Elsevier Computer Networks. And, he is very active in the local and national community; his research has been covered by different media outlets (TV, online, published) numerous times.

More info can be obtained from: