Internet-of-Things (IoT) platforms and devices are being widely used in industrial and domestic contexts. The platforms facilitate the interoperability between diferent smart devices and cloud services, providing end-users with tools to easily program their interaction by means of simple conditional rules1,[ 2 ].

IoT platforms provide privileged access to a user’s online services and physical devices, making them an attractive target for attackers. If they are compromised, both data and devices belonging to a large number of users can be arbitrarily manipulated by the attackers to cause damage. For example, the violation of an IFTTT rule allows an attacker to access sensitive information, such as user locations, fitness information, the content of private files, or private feed from social networks.

Most attempts to date in IoT security aim to improve perimeter defenses that harden the IoT infrastructure against attacks using firewall3s],[intrusion detection4[], access control policies 5[], and software patches [ 6 ], or to execute the actions in decentralized fashio7]n. [ Unfortunately, end-users have a low-level awareness of security threats and usage of security measures. Most of the users have little o no technical knowledge of the gravity of what a security violation could represent. The security of an IoT platform can be improved involving end-users in the security control and increasing their awareness of security8r]i.sks [

This position paper presents the idea of involving end-users in the management of security aspects. In particular, we describe how existing ECA rules could be expanded to deal with security aspects, and possible strategies to support end-users in the definition and customization of security rules.

ECA rules represent a programming paradigm for the specification of a particular type of behavior in active systems1[]. For instance, an ECA rule can define how a certain IoT device should react at an external event generated by a sensor, an on-line service, or another IoT device. In the following, we describe how these rules can be enhanced to allow end-users to define countermeasures to security threats. For example, an end-user might want to define an ECA rule for turning of an IP camera installed in its smart home when an intrusion is detected. Also, in response to an external intrusion, s/he might want to temporally disable all internet connectivity from all the devices within the environment. By doing so, s/he prevents the intruder from spreading his/her control over the other IoT devices, waiting for reviewing the whole network, looking for some security flaws.

These rules require a Local Monitoring Service (LMS) that would oversee the network, providing the triggers for such security events. In particular, the LMS analyzes all the interconnected devices notifying any security threat happening in the smart environment. In fact, these types of events cannot be recorded by the IoT devices themselves, since IoT devices are commonly known to lack in performances, so it would be really dificult for them to perform monitoring tasks alongside the operations they have been initially designed for. Moreover, the majority of IoT devices are embedded systems, which means that their software capabilities are not meant to be expanded or modified by others.

Another important topic to discuss is the actual possibility for an end-user to understand the risks related to the security threats, and to autonomously decide of defining rules aimed at protecting the environment. In fact, the end-users’ limited technical knowledge makes it hard for them to define behaviors for realizing security barriers. Thus, a valuable strategy for guiding users into this task would be to suggest rules that have been considered particularly suitable for defending the environment, perhaps by suggesting rules that have already been defined and deployed by other users. Rules could be stored in centralized repositories which can be organized and evaluated both automatically and manu9a]l. ly [

To provide these suggestions in the most comfortable way, two types of strategies could be applied. A set of security rules could be provided directly from the environment once the IoT device is recognized, e.g., an IP camera, which basic functionalities are known, and generalized over diferent types of brands and models. In this way, end-users can comfortably decide what rules best suits the device installed in the smart environment. Alternatively, security rules could be organized based on their defense capabilities against certain types of attacks. For example, the environment might notify the end-user with all the security rules that could protect the IoT device against external intrusions. In this way, users can enable all the rules available for each device without having to singularly define each behavior from scratch.

The development of the proposed approach relies on the implementation of a LMS able to identify any network anomalies that might be associated with some ECA rule events. This service can be executed on single-board computers (SBCs), among which the most famous on the market appears to be the Raspberry Pi.

Figure1 shows a simple schema of the architecture describing the logic of analysis and communication between the LMS and the server responsible for storing and triggering the ECA rules. The LMS acts as an intermediary between the smart devices and the router analyzing any network packets exchanged from/to the home smart devices. When the LMS identifies some anomalies in the network trafic, it will gather all the information about the anomalies and pack them all in a certain event. This event is sent to the ECA rules’ server, which will verify whether there exist any ECA rules having that event as a trigger condition. Thus, the retrieved rules are triggered and the corresponding actions are executed.

At the workshop, we will discuss how the security rules could be specified by end-users and the challenges to be addressed for increasing the awareness of security threats.

This work has been supported by the Italian Ministry of Education, University and Research (MIUR) under grant PRIN 2017 “EMPATHY: Empowering People in deAling with internet of THings ecosYstems” (Progetti di Rilevante Interesse Nazionale – Bando 2017, Grant 2017MX9T7H).