Sensitive Information Tracking in Commodity IoT
Z. Berkay Celik, Leonardo Babun, Amit K. Sikder, Hidayet Aksu, Gang Tan, Patrick McDaniel, A. Selcuk Uluagac

TL;DR
This paper introduces SainT, a static analysis tool for IoT applications that detects sensitive data flows, helping to evaluate privacy and security risks in commodity IoT devices and apps.
Contribution
The paper presents SainT, a novel static taint analysis framework specifically designed for IoT applications, including a new IR translation and evaluation on real-world and benchmark apps.
Findings
138 out of 230 IoT apps contain sensitive data flows
SainT successfully identifies data leaks in IoTBench apps
Provides a framework for assessing privacy risks in IoT applications
Abstract
Broadly defined as the Internet of Things (IoT), the growth of commodity devices that integrate physical processes with digital connectivity has had profound effects on society--smart homes, personal monitoring devices, enhanced manufacturing and other IoT apps have changed the way we live, play, and work. Yet extant IoT platforms provide few means of evaluating the use (and potential avenues for misuse) of sensitive information. Thus, consumers and organizations have little information to assess the security and privacy risks these devices present. In this paper, we present SainT, a static taint analysis tool for IoT applications. SainT operates in three phases: (a) translation of platform-specific IoT source code into an intermediate representation (IR), (b) identifying sensitive sources and sinks, and (c) performing static analysis to identify sensitive data flows. We evaluate SainT…
Taxonomy
Topics: Advanced Malware Detection Techniques · User Authentication and Security Systems · Digital and Cyber Forensics
