Identifying and obfuscating security vulnerabilities and behaviors in IoT

Abstract

This project aims at preventing data leaks in the transmission of network messages. Data privacy is increasingly necessary given the advent of IoT, which generates sensitive data, and the implementation of the Brazilian General Data Protection Law (LGPD). In academia, side-channel attacks are diligently investigated, which only by observing network traffic and by means of statistical and Artificial Intelligence methods to infer patterns and behaviors that reveal sensitive information to users, compromising their privacy. Thus, this project seeks to model information leakage in IoT and propose effective solutions for: (i) automated identification of security vulnerabilities associated with data privacy and (ii) obfuscation of the identified vulnerabilities. For the identification and obfuscation of vulnerabilities, it is intended to apply artificial intelligence techniques. This project contributes to the scientific advancement of the Internet and to the improvement of technologies aimed at implementing the LGPD. The performance evaluations of the proposed solutions will be conducted in the cybersecurity test environment under development within the scope of the MCTIC/FAPESP MENTORED project. (AU)