Biography: Ing-Ray Chen received the BS degree from the National Taiwan University, and the MS and PhD degrees in computer science from the University of Houston. He is a professor in the Department of Computer Science at Virginia Tech. His research interests are primarily in service and trust management as well as reliability and performance analysis of mobile systems and wireless networks, including Internet of Things, wireless sensor networks, service-oriented peer-to-peer networks, ad hoc networks, mobile social networks, mobile web services, mobile cloud services, and cyber physical systems. Dr. Chen currently serves as an editor for IEEE Transactions on Services Computing, IEEE Transactions on Network and Service Management, and The Computer Journal. He is a recipient of the IEEE Communications Society William R. Bennett Prize in the field of Communications Networking and a recipient of the U.S. Army Research Laboratory (ARL) Publication Award.
Speech Title: IoT Security in Cyber Physical Systems
Abstract: The problem we propose to solve is the vulnerability to infrastructure damage, service interruption, and revenue loss caused by malicious Internet of Things (IoT) devices embedded in a cyber physical system. We investigate a solution to this problem by detecting misbehavior of embedded IoT devices that exploit the vulnerability through known or unknown attacks. The solution we are offering is a lightweight behavior rule specification-based monitoring technique with which misbehavior of an IoT device manifested as a result of attacks exploiting the vulnerability exposed may be detected through automatic model checking and formal verification, regardless of whether the attack is known or unknown. Unlike contemporary anomaly based detection solutions, our solution avoids the high cost associated with profiling and learning anomaly patterns of malicious IoT devices at run time. As a result, we position our behavior rule specification-based misbehavior detection technique as the only feasible solution in terms of low memory, run time, communication, and computation overhead and high prediction accuracy to ensure protection of resource-constrained embedded IoT devices against zero-day attacks.
Keywords: IoT, security, cyber physical systems, zero-day attacks