Date: November 27, 2018
Time: 11:00 am
Location: Room E404, CSE Building
Admission: This event is free and open to the public.
Automated IoT Security and Privacy Analysis
Abstract: The introduction of commodity Internet of Things (IoT) devices that integrate physical processes with digital connectivity has changed the way we live. Yet, while industry and users have embraced the systems supporting IoT, the technical community has limited capability to evaluate and ultimately enforce the correct operation of IoT implementations. As a consequence, software design flaws, bugs, and security vulnerabilities in IoT systems can and have led to failures and privacy loss.
In this talk, I will discuss how to ensure IoT implementations adhere to safety, security, and privacy properties using a range of analysis techniques. In particular, I will introduce two systems for automated security and privacy analysis of IoT source code: A static taint analysis system, which characterizes the use and potential misuse of sensitive data and uncovers privacy issues in IoT applications; and a system for formal verification of IoT applications via model checking for safety and security. Through this research, we develop formally grounded methods for analysis of IoT applications and enable developers, markets, and consumers to identify threats to security and privacy.
Biography: Berkay Celik is a Ph.D. candidate in Computer Science and Engineering at the Pennsylvania State University, advised by Prof. Patrick McDaniel. Berkay has researched a variety of security topics, including machine learning systems, network security, and privacy enhancing technologies. He earned his M.S. at Penn State with a major in Computer Science and Engineering and a minor in Computational Science. His dissertation is in the area of Internet of Things (IoT), particularly the construction of systems that ensure safety, security, and privacy in commodity IoT applications through program analysis. He expects to earn his Ph.D. in Spring 2019. Berkay has had several internships in industry, including at VMware and Vencore Labs.