IoT Security Research Lab

Overview

The proliferation of IoT devices, which can be more easily compromised than desktop computers, has led to an increase in IoT-related attacks. Due to the widespread adoption of such devices, their diversity, standardization obstacles, and inherent mobility, several security and privacy challenges have emerged over the past few years.

At the IoT Security Lab of BGU, researchers focus on developing innovative methods to study and mitigate numerous IoT-related threats. Among them are (1) detection of attacks launched from compromised IoT devices using network- and/or host-based data; (2) profiling, detection and whitelisting of IoT device types and models, either before or after a NAT; (3) frameworks for automated security assessment of IoT devices; and (4) IoT vulnerability analysis and mitigation.

At the IoT Security Lab, emphasis is placed on evaluating new methods as realistically as possible. To that end, a large and varied set of commercial IoT devices is deployed and operated naturally on a daily basis. Their traffic data is routinely collected and then processed with innovative and efficient feature extraction methods and cutting-edge machine learning and deep learning approaches.

The team of researchers also enjoys collaborating with peers from academia (e.g., from Singapore University of Technology and Design) as well as from the hi-tech industry.

Since January 2019, researchers from the IoT Security Lab have been taking an active part in CONCORDIA, a Horizon-2020 Cybersecurity Competence Network with leading research, technology, industrial and public competences, aimed at building the European Secure, Resilient and Trusted Ecosystem.

Researchers

Prof. Yuval Elovici
Yuval Elovici is the director of the Telekom Innovation Laboratories at Ben-Gurion University of the Negev (BGU), head of BGU Cyber Security Research Center, Research Director of iTrust at SUTD, Lab Director of ST Electronics – SUTD Cyber Security Laboratory and a Professor in the Department of Information Systems Engineering at BGU. He holds B.Sc. and M.Sc. degrees in Computer and Electrical Engineering from BGU and a Ph.D. in Information Systems from Tel-Aviv University. For the past 14 years he has led the cooperation between BGU and Deutsche Telekom. Prof. Elovici has published articles in leading peer-reviewed journals and in various peer-reviewed conferences. In addition, he has co-authored a book on social network security and a book on information leakage detection and prevention. His primary research interests are computer and network security, cyber security, web intelligence, information warfare, social network analysis, and machine learning. Prof. Elovici also consults professionally in the area of cyber security and is the co-founder of Morphisec, a startup company that develops innovative cyber-security mechanisms that relate to moving target defense.
Prof. Asaf Shabtai
Asaf Shabtai is a senior lecturer (Assistant Prof.) in the Department of Software and Information Systems Engineering at Ben-Gurion University (BGU) of the Negev and a senior researcher at the Telekom Innovation Laboratories at BGU. Asaf is a recognized expert in information systems security and has led several large-scale projects and research efforts in this field. His main areas of interest are computer and network security, machine learning, security awareness, smart mobile security, user profiling, social network security, IoT security, and security of avionic systems. Shabtai has published over 60 refereed papers in leading journals and conferences. In addition, he has co-authored a book on information leakage detection and prevention. Shabtai received a PhD in information systems engineering (2011) from Ben-Gurion University.
Shachar Siboni
Shachar Siboni received the B.Sc. and M.Sc. degrees in communication systems engineering from the Ben-Gurion University of the Negev (BGU), Beersheba, Israel, where he is currently working toward the Ph.D. degree at the Department of Software and Information Systems Engineering. For the last 15 years, he has worked in a variety of roles at leading companies in the hi-tech industry, ranging from IT Technical Leader, Communication Systems Engineer, Real-Time Embedded Software Engineer/Developer and Team Leader, to Security Researcher and Project Manager. In his most recent role, he led a joint research project collaborating with research groups from BGU’s Cyber Security Research Center and the iTrust Centre for Research in Cyber Security, Singapore University of Technology and Design. His research interests include security risk analysis and machine learning approaches in the Internet of Things research domain.
Yair Meidan
Yair Meidan is a research project manager and a Ph.D. student at the Department of Software and Information Systems Engineering, Ben-Gurion University. His research interests include applied machine learning, IoT analytics, and cyber security. Meidan received both his B.Sc. and M.Sc. degrees in Industrial Engineering and Management from Ben-Gurion University as well. After graduating, he served in several data science roles in industry for seven years, while teaching introductory academic courses on data mining.

Publications

Privacy-Preserving Detection of IoT Devices Connected Behind a NAT in a Smart Home Setup
arXiv preprint arXiv:1905.13430 (2019)
Yair Meidan, Vinay Sachidananda, Yuval Elovici, Asaf Shabtai
https://arxiv.org/abs/1905.13430

ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis.
In Proceedings of the Symposium on Applied Computing (pp. 506-509). ACM.
Meidan, Y., Bohadana, M., Shabtai, A., Guarnizo, J. D., Ochoa, M., Tippenhauer, N. O., & Elovici, Y. (2017, April).
https://dl.acm.org/citation.cfm?id=3019878
N-BaIoT—Network-Based Detection of IoT Botnet Attacks Using Deep Autoencoders.
IEEE Pervasive Computing, 17(3), 12-22.
Meidan, Y., Bohadana, M., Mathov, Y., Mirsky, Y., Shabtai, A., Breitenbacher, D., & Elovici, Y. (2018).
https://ieeexplore.ieee.org/abstract/document/8490192
Best Paper Award Winners
Detection of Unauthorized IoT Devices Using Machine Learning Techniques.
arXiv preprint arXiv:1709.04647.
Meidan, Y., Bohadana, M., Shabtai, A., Ochoa, M., Tippenhauer, N. O., Guarnizo, J. D., & Elovici, Y. (2017).
https://arxiv.org/abs/1709.04647
Security Testbed for Internet-of-Things Devices.
IEEE Transactions on Reliability.
Siboni, S., Sachidananda, V., Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S., … & Elovici, Y. (2018).
https://ieeexplore.ieee.org/abstract/document/8565917
Piping Botnet-Turning Green Technology into a Water Disaster.
arXiv preprint arXiv:1808.02131.
Nassi, B., Sror, M., Lavi, I., Meidan, Y., Shabtai, A., & Elovici, Y. (2018).
https://arxiv.org/abs/1808.02131
Let the cat out of the bag: A holistic approach towards security analysis of the internet of things.
In Proceedings of the 3rd ACM International Workshop on IoT Privacy, Trust, and Security (pp. 3-10). ACM.
Sachidananda, V., Siboni, S., Shabtai, A., Toh, J., Bhairav, S., & Elovici, Y. (2017, April).
https://dl.acm.org/citation.cfm?id=3055251
A Lightweight Vulnerability Mitigation Framework for IoT Devices.
In Proceedings of the 2017 Workshop on Internet of Things Security and Privacy (pp. 71-75). ACM.
Hadar, N., Siboni, S., & Elovici, Y. (2017, November).
https://dl.acm.org/citation.cfm?id=3139944
POSTER: Towards Exposing Internet of Things: A Roadmap.
In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (pp. 1820-1822). ACM.
Sachidananda, V., Toh, J., Siboni, S., Shabtai, A., & Elovici, Y. (2016, October).
https://dl.acm.org/citation.cfm?id=2989046
An attack scenario and mitigation mechanism for enterprise BYOD environments.
ACM SIGAPP Applied Computing Review, 18(2), 5-21.
Siboni, S., Shabtai, A., & Elovici, Y. (2018).
https://dl.acm.org/citation.cfm?id=3243065
Leaking data from enterprise networks using a compromised smartwatch device.
In Proceedings of the 33rd Annual ACM Symposium on Applied Computing (pp. 741-750). ACM.
Siboni, S., Shabtai, A., & Elovici, Y. (2018, April).
https://dl.acm.org/citation.cfm?id=3167214
Vesper: Using Echo-Analysis to Detect Man-in-the-Middle Attacks in LANs
IEEE Transactions on Information Forensics and Security
Mirsky, Y., Kalbo, N., Elovici, Y., Shabtai, A.,
Security Testbed for Internet of Things Devices
IEEE Transactions on Reliability
Siboni, S., Sachidananda, V., Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S., Shabtai, A., Elovici, Y.,
An attack scenario and mitigation mechanism for enterprise BYOD environments
ACM SIGAPP Applied Computing Review, 18(2), 5-21, 2018
Siboni, S., Shabtai, A., Elovici, Y.,
Detection of Threats to IoT Devices using Scalable VPN-forwarded Honeypots
In Proc. of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY 2019), Dallas, Texas, USA, March 25-27, 2019
Tambe, A., Aung, Y.L., Sridharan, R., Ochoa, M., Tippenhauer, N.O., Shabtai, A., Elovici, Y.,
Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks
In Proc. of the 2018 Workshop on Cyber-Physical Systems Security and Privacy (CPS-SPC 2018), pp. 72-83. Toronto, Canada, October 17, 2018
Kravchik, M., Shabtai, A.
Incentivized Delivery Network of IoT Software Updates Based on Trustless Proof-of-Distribution
IEEE Security & Privacy on the Blockchain (IEEE S&B 2018), London, UK, April 23, 2018
Leiba, O., Yitzchak, Y., Bitton, R., Nadler, A., Shabtai, A.,
Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection
The Network and Distributed System Security Symposium (NDSS 2018), San Diego, USA, February 18-21, 2018
Mirsky, Y., Kalbo, N., Elovici, Y., Shabtai, A.,
Leaking Data from Enterprise Networks Using a Compromised Smartwatch Device
The 33rd ACM/SIGAPP Symposium On Applied Computing (SAC 2018), Pau, France, April 9-13, 2018
Siboni, S., Shabtai, A., Elovici, Y.
Shattered Trust: When Replacement Smartphone Components Attack
11th USENIX Workshop on Offensive Technologies (WOOT 2017), Vancouver, Canada, August 14-15, 2017
Swartz, O., Cohen, A., Shabtai, A., Oren, Y.,
Let the Cat Out of the Bag: A Holistic Approach Towards Security Analysis of the Internet of Things
3rd International Workshop on IoT Privacy, Trust, and Security (IoTPTS 2017), Abu Dhabi, UAE, April 2, 2017
Guarnizo, J., Tambe, A., Bhunia, S., Ochoa, M., Tippenhauer, N., Shabtai, A., Elovici, Y.,
SIPHON: Towards Scalable High-Interaction Physical Honeypots
3rd ACM Cyber-Physical System Security Workshop (CPSS 2017), Abu Dhabi, UAE, April 2, 2017
Guarnizo, J., Tambe, A., Bhunia, S., Ochoa, M., Tippenhauer, N., Shabtai, A., Elovici, Y.,
From Smashed Screens to Smashed Stacks: Attacking Mobile Phones using Malicious Aftermarket Parts
Workshop on Security for Embedded and Mobile Systems (SEMS 2017), Paris, France, April 30, 2017
Shwartz, O., Shitrit, G., Shabtai, A., Oren, Y.,
The Curious Case of the Curious Case: Detecting touchscreen events using a smartphone case
Workshop on Security for Embedded and Mobile Systems (SEMS 2017), Paris, France, April 30, 2017
Glick, T., Oren, Y., Puzis, R., Shabtai, A.,

Awards