# VISCR: Intuitive & Conflict-free Automation for Securing the Dynamic   Consumer IoT Infrastructures

**Authors:** Vasudevan Nagendra, Arani Bhattacharya, Vinod Yegneswaran, Amir, Rahmati, Samir R Das

arXiv: 1907.13288 · 2019-08-01

## TL;DR

VISCR is a vendor-independent engine that simplifies and secures IoT automation by translating heterogeneous policies into a conflict-free, graph-based system, detecting violations, and proposing improvements efficiently.

## Contribution

VISCR introduces a novel tree-based abstraction and graph translation approach for conflict-free policy enforcement in consumer IoT infrastructures, handling heterogeneous vendor specifications.

## Key findings

- VISCR detected all known violations and uncovered new ones in a large IoT app dataset.
- It significantly reduced analysis time compared to existing tools, enabling real-time policy updates.
- VISCR effectively infers and proposes new policies for conflict resolution in IoT environments.

## Abstract

Consumer IoT is characterized by heterogeneous devices with diverse functionality and programming interfaces. This lack of homogeneity makes the integration and security management of IoT infrastructures a daunting task for users and administrators. In this paper, we introduce VISCR, a Vendor-Independent policy Specification and Conflict Resolution engine that enables conflict-free policy specification and enforcement in IoT environments. VISCR converts the topology of the IoT infrastructure into a tree-based abstraction and translates existing policies from heterogeneous vendor-specific programming languages such as Groovy-based SmartThings, OpenHAB, IFTTT-based templates, and MUD-based profiles into a vendor-independent graph-based specification. Using the two, VISCR can automatically detect rouge policies, conflicts, and bugs for coherent automation. Upon detection, VISCR infers new policies and proposes them to users as alternatives to existing policies for fine-tuning and conflict-free enforcement. We evaluated VISCR using a dataset of 907 IoT apps, programmed using heterogeneous automation specifications in a simulated smart-building IoT infrastructure. In our experiments, among 907 IoT apps, VISCR exposed 342 of IoT apps as exhibiting one or more violations. VISCR detected 100% of violations reported by existing state-of-the-art tool, while detecting new types of violations in an additional 266 apps. In terms of performance, VISCR can generate 400 abstraction trees (used in specifying policies) with 100K leaf nodes in <1.2sec. In our experiments, VISCR took 80.7 seconds to analyze our infrastructure of 907 apps; a 14.2X reduction compared to the state-of-the-art. After the initial analysis, VISCR is capable of adopting new policies in sub-second latency to handle changes.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1907.13288/full.md

## Figures

24 figures with captions in the complete paper: https://tomesphere.com/paper/1907.13288/full.md

## References

85 references — full list in the complete paper: https://tomesphere.com/paper/1907.13288/full.md

---
Source: https://tomesphere.com/paper/1907.13288