This REU Site will host a diverse group of students from universities across the nation who will spend their summer working on research related to the security and privacy of smart things. Such devices include smart thermostats, voice-activated speakers, smart cameras, smart locks, watches and plugs, and so on. Indeed, the pandemic conditions with COVID-19 have just fueled the use of these devices due to increased work-from-home settings. For instance, an average American home now has 25 smart devices in addition to phones, laptops, PCs, etc. Similarly, smart devices have also increased in work and social environments to be used from parking, exercising to making touchless digital payments even with cryptocurrencies. Since these devices communicate and process a lot of data, they are vulnerable to various cyber attacks such as malware, unauthorized access, impersonation, data modification, and denial-of-service. Another potential threat involves the privacy violation of users who may provide their personal data via their smart devices. Examples include location tracking, activity monitoring, and leakage of sensitive information. This REU Site will offer practical mitigation approaches to the security and privacy challenges stemming from the use of smart devices within our homes and work environments while contributing to the development of a diverse, technologically-skilled, and cyber-savvy workforce, who can help protect our smart devices, homes, and buildings.
The proposed project will introduce practical innovations and mechanisms for maintaining the security, availability, and privacy of 1) smart devices such as phones, appliances, and wearable devices, and 2) smart homes and buildings that increasingly deploy these devices. The proposed projects will help in reaping the full benefits of secure technologies through capturing the interactions and associated data between the smart devices and environments. The intellectual merit includes designing defense mechanisms against intrusions customized for these devices; blockchain and cryptocurrency support to enable touchless digital payments; applying various resource-aware machine learning and data analytics techniques for security; and utilizing hardware-based techniques for firmware updates. These approaches will contribute to overall safety of the users as well as the larger networks such as home or ISP networks that interact with these devices.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.