Rethinking Network Security for the Internet of Things

Project Overview

The Internet-of-Things (IoT) has quickly moved from concept to reality, with estimates that the number of deployed IoT devices will rise to 25 billion in 2020. However, studies show that many IoT devices have serious security vulnerabilities. Moreover, the limitations of IoT devices and scale of networks of IoT devices often make traditional IT security approaches impractical. This project takes a first-principles approach to rethinking network security and address these concerns for IoT networks: (1) scalable alternatives to simple perimeter defenses; (2) new methods to manage security in deployed networks of IoT devices; and (3) new security policies with sufficient generality to administer IoT devices and networks in many diverse use-cases. By providing a principled architecture to secure IoT deployments, the project will help realize the full potential societal benefits of IoT. The project will result in the development of novel open-source tools, modeling abstractions, algorithms, and prototype implementations that will reduce the time to deploy novel IoT security solutions, and make the results of the project available to the community.


  • PIs: Yuvraj Agarwal, Vyas Sekar, Srinivasan Seshan
  • PhD Students: Tianlong Yu
  • Papers

  • [HotNets] Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the Internet-of-Things
    Tianlong Yu, Yuvraj Agarwal, Vyas Sekar, Srini Seshan, Chenren Xu
    in HotNets 2015



  • CMU article
  • Article in Pittsburgh TRIB Live


    This work is supported by NSF SaTC award 1564009