8:30 – 8:45 AM
Opening Remarks
8:45 -– 10:00 AM
Keynote: Securing the IoT: Critical Research Challenges
Prof. Sean Smith of Dartmouth University
10:00 – 10:30 AM
Break
10:30 – 11:45 AM
Attacks in IoT Systems (Session Chair: Rakesh Bobba)
11:45 – 12:00 Noon
Closing Remarks
Abstract: In the current Internet of Computers (IoC), paradigms and techniques have emerged to manage security risks, at least somewhat. However, the Internet of Things is different from the IoC, and these differences cause many of these paradigms to stop working. With the deep embedding of the IoT in the physical world, the consequences may have significant physical impact. Drawing on power and healthcare IT as prototypes of the coming IoT, this talk surveys what I believe are critical problem areas and discusses some approaches to finding solutions.
Speaker Bio: Sean W. Smith is a Professor in the Department of Computer Science at Dartmouth College. He has been working in real-world information security – attacks and defenses, for industry and government – since before there was a Web; at IBM T.J. Watson Research Center, he designed the security architecture for (and helped code and test) the IBM 4758 secure coprocessor, and then led the formal modeling and verification work that earned it the world’s first FIPS 140-1 Level 4 security validation. His recent book “The Internet of Risky Things” (O’Reilly, 2017) explores the IoT security space.
The Internet-of-Things (IoT) has taken off in a big way and finds itself embedded in our daily lives - from smart home applications to process control monitoring in manufacturing systems, wearables to healthcare, public utilities to military applications, to name just a few. The surge in interest in smart cities increases the scope and reach of IoT-style applications in a significant manner. These applications generate huge volumes of data, have access to personal and confidential information, monitor and control critical processes and are often accessed/controlled via public networks such as the Internet. Hence, they are prime targets for malicious entities and have little to no security mechanisms in place. In addition, most users of such devices/systems are not cognizant of the privacy issues - leakage of personal information for instance, or external entities being able to retrace/recreate our activities from public data obtained through the use of IoT devices/services. On the other hand, onerous security and privacy mechanisms may render these systems useless for most consumers. Hence, there is a need to develop innovative techniques to improve protections for such systems. This is particularly challenging since many IoT systems are often limited in terms of computation power, memory, battery life, bandwidth, etc.
Hence, the goal of IoTSec will be to bring together experts in various areas (security, privacy, embedded systems, sensor networks, etc. along with domains experts from medicine, manufacturing systems, mobile devices and so on) to study and develop security and (usable) privacy mechanisms for next generation IoT systems.
Update (01 Mar. 2019): The deadline is extended until March 3 (AoE).
Update (19 Feb. 2019): Deadline extended to February 28.
News (11 Jan. 2019): Submission site open!
The areas of interest for the workshop includes, but is not limited to, the following:
All papers must be original and not simultaneously submitted to another journal or conference. The following paper categories are welcome:
Submissions limited to four, two column, pages
Submission Template: https://www.acm.org/publications/proceedings-template
Submission site: https://iotsec19.hotcrp.com/