A testbed for monitoring and managing experiments for IoT devices.

Mon(IoT)r is a project composed of a lab (the Mon(IoT)r Lab at Northeastern University) and a software: The Mon(IoT)r Testbed. The mission of the projects is to provide awareness of the privacy implications of Internet of Things devices, and ultimately produce a means to inform users about what information they share. The Mon(IoT)r Lab is a first-of-its-kind IoT “living lab” for measuring IoT device network leakage. The lab consists of a “fishbowl” (glass walls) that encloses a space replete with smart devices. Specifically, all of the IoT devices in the lab are configured to use a router instrumented with the Mon(IoT)r testbed software. We use this lab to conduct controlled experiments, to observe IoT behavior in uncontrolled experiments (through its use by consenting researchers in the research group), and to provide demonstrations of security and privacy research.


Protecting Personal Data Flow on the Internet

Personal data collection typically starts on user devices, in a range of application domains (web, mobile, IoT). Data are then shared with service providers as well as with a large number of trackers. Data can also be obtained by malicious actors and/or used for surveillance. Many useful services are enabled by the collection of this data, although increasingly at the expense of privacy, security, transparency, and fairness, for individuals and society as a whole. Increased public awareness has led to recent legislation on data protection, such as GDPR and CCPA, and policy has become a powerful tool to be used in synergy with technology.
This project seeks to protect personal data, by improving the transparency and control of personal data flow on the Internet. We develop conceptual frameworks for personal information flow on the Internet, as well as systems for monitoring and mediation. To improve existing systems, we develop tools for measuring tracking and discrimination, and for explicitly controlling privacy-utility tradeoffs. To provide long term privacy-by-design alternatives, we design verifiable IoT architectures and seek to decentralize the advertising ecosystem and eliminate intermediaries. We use these technical frameworks to inform policy specification and to provide tools for auditing and enforcing these policies.


Modeling and Controlling Internet of Things Behavior Using Network-Inferred State Machines

Internet of Things (IoT) devices are increasingly found in homes, providing useful functionality for devices such as TVs, smart speakers, and video doorbells. Along with their benefits come potential risks, since these devices can communicate information (audio recordings, video recordings, television viewing habits) about their users to other parties over the Internet. However, understanding these risks is difficult since IoT systems are traditionally closed systems that provide independent third parties with little-to-no information about whether a device (or set of devices) is behaving in ways that might violate expectations such as privacy, security, and correctness.
To help understand and mitigate these risks, the goal of this project is to build BehavIoT: an approach that explores the extent to which network-inferred behavioral analysis of IoT deployments, combined with control over the network traffic they generate, can identify and mitigate misbehavior of IoT systems. Our key insight is that we can model IoT device behavior by inferring their states and transition events based on the network traffic they generate, identify misbehavior as deviations from previously recorded state transitions, and mitigate these misbehaviors by manipulating the network traffic that causes undesirable state transitions.


ReCon: Reveal and Control PII Leaks in Mobile Network Systems

The ReCon project has the goal to enable the auditing and control of Personally Identifiable Information (PII) leaks, addressing the key challenges of how to identify and control PII leaks when users’ PII is not known a priori, nor is the set of apps or devices that leak this information. First, to enable auditing through improved transparency, we investigate how to use machine learning to reliably identify PII from network flows, and identify algorithms that incorporate user feedback to adapt to the changing landscape of privacy leaks. Second, we build tools that allow users to control how their information is (or not) shared with second and third parties. Third, we investigate the extent to which our approach extends to privacy leaks from Internet of Things (IoT) devices. Besides adapting our system to the unique format for leaks across a variety of IoT devices, our work will investigate PII exposed indirectly through time-series data produced by IoT-generated monitoring.


Self-organizing Performance Prediction and Optimization

Current research in the area of self-adaptive systems is moving towards solutions to adaptation problems with the aim to engineer systems that can quickly respond to changes without any human intervention. As systems are becoming larger and more complex, the adoption of solutions that are both decentralised and scalable is becoming increasingly important. Up to now, this research area has focused on producing approaches to support the actuation of decentralised adaptation actions, however the problem of deciding when and how to execute them is still challenging in a decentralised setting. SPANDO proposes to solve such problem by using performance prediction models that are being studied in operations research and applied probability research. The most common prediction models that are already being used at run-time are based on Continuous-Time Markov Chains. However, these existing techniques have scalability limitations due to the state-space explosion of the CTMC formalism.

The SPANDO project will overcome these limitations by studying a new class of performance prediction models that can be evaluated in a decentralised way, without any explicit coordination. The proposed models will use formalisms based on ordinary differential equations, such as fluid and mean-field analysis, and have the particularity of being independent of the size of the system. The results of the evaluations of these models will then be used at run-time as inputs for proper decentralised adaptation actions.


A Platform for Mobile Content Sharing

ShAir aims to magically populate mobile devices with popular video clips and app updates without using people’s data plans, by opportunistically connecting nearby devices together when they are in range of each other. This ShAir project takes advantage of spontaneous huge data flows created by people carrying devices with GBs of flash storage, and make them form a network via P2P communication. This infrastructure-free, “crowd-sourced” communication channel may also be useful for real-world proximity-based social networking, advertisement, and gaming.

The demand-supply gap in mobile data traffic is expected to be getting only larger. On the other hand, people walking down the street, riding on a train, or driving a car with GBs of flash memory in their pockets can also be regarded as large flows of data that are free from infrastructure. The ShAir project aims to create a new layer of network by opportunistically connecting mobile (storage) devices in order to bypass growing mobile data traffic, as well as to build an ecosystem among mobiles, stores, and services.


Smart Emergency Response System

The Smart Emergency Response System (SERS) connects cyber-physical technologies with humans in the loop to save lives, rescue people, and attend to their critical needs when disaster strikes. The technology in this project has many additional benefits to our society:
SERS creates new employment opportunities for returning veterans as well as other unemployed, to accomplish remote tasks in remote or dangerous environments, using haptically-enabled teleoperation.
SERS promotes opportunities for device app designers, developers, and grassroots entrepreneurs to grow new business models in communication, operations, and supply chain optimization.
SERS automation, robotic and telerobotic technologies are expected to foster economic growth by increasing human productivity. Of particular note are capabilities to provide new opportunities for pollution cleanup, reduced environmental footprint, and transportation and delivery at reduced costs.


Self-managed Situated Computing

Emerging requirements are challenging our current knowledge about software engineering, and require a shift from the incremental improvements we have experienced in the past to radical changes to the way software is conceived, developed, and operated. In particular: (i) Software development and operation are increasingly decentralized; applications are composed dynamically out of parts that are developed and operated by independent parties. (ii) Changes in the requirements ask for continuous software adaptation and evolution. (iii) The infrastructures on which applications run are fully distributed and can change both in physical and in logical structure; the so-called Internet of Things is fostering a situation where computing power and connectivity are not only possible any-time and any-place, but also for any-thing. As a consequence, software must behave in a situational, self-managing manner.

The term situational indicates that software is built to address a particular situation, problem, or challenge, and behaves according to the evolving situation in which it operates. Developing and running situational software imposes a paradigmatic shift from a fairly conventional design-implement-maintain development, in which the application builders are skilled professionals, to new and challenging scenario in which bits of applications are built by professionals, then composed (in an autonomic way, or by users without formal training) in myriad and unpredictable possible ways. The SMScom project aims at developing a consistent, integrated, and homogeneous set of methods and tools for the design, validation, and operation of dependable self-managing situational software.


Network of Excellence on Software Services and Systems Network

The Software Services and Systems Network (S-Cube) will establish a unified, multidisciplinary, vibrant research community which will enable Europe to lead the software-services revolution, helping shape the software-service based Internet which is the backbone of our future interactive society.

By integrating diverse research communities, S-Cube intends to achieve world-wide scientific excellence in a field that is critical for European competitiveness. S-Cube will accomplish its aims by meeting the following objectives: (i) Re-aligning, re-shaping and integrating research agendas of key European players from diverse research areas and by synthesizing and integrating diversified knowledge, thereby establishing a long-lasting foundation for steering research and for achieving innovation at the highest level. (ii) Inaugurating a Europe-wide common program of education and training for researchers and industry thereby creating a common culture that will have a profound impact on the future of the field. (iii) Establishing a pro-active mobility plan to enable cross-fertilisation and thereby fostering the integration of research communities and the establishment of a common software services research culture. (iv) Establishing trust relationships with industry via European Technology Platforms (specifically NESSI) to achieve a catalytic effect in shaping European research, strengthening industrial competitiveness and addressing main societal challenges. (v) Defining a broader research vision and perspective that will shape the software-service based Internet of the future and will accelerate economic growth and improve the living conditions of European citizens.

S-Cube will produce an integrated research community of international reputation and acclaim that will help define the future shape of the field of software services which is of critical for European competitiveness. S-Cube will provide service engineering methodologies which facilitate the development, deployment and adjustment of sophisticated hybrid service-based systems that cannot be addressed with today’s limited software engineering approaches. S-Cube will further introduce an advanced training program for researchers and practitioners. Finally, S-Cube intends to bring strategic added value to European industry by using industry best-practice models and by implementing research results into pilot business cases and prototype systems.


Component-ware for Autonomic Situations-aware Communications, and Dynamically Adaptable Services

Internet, ICT and Telecommunications need to evolve rapidly to cope with Prosumers’ needs when producing and consuming pervasive, situated-aware communication and contents services. This evolutionary trend will allow a wide range of new activities that today are simply not possible or impractical. However, the achievement of such vision requires a deep re-thinking of the current way of developing and deploying distributed service and networking systems.

CASCADAS main goal is developing an autonomic component-based framework to enable composition, execution and deployment of innovative services capable of flexing and coping with unpredictable environments by dynamically self-adapting to situation evolutions.

In this context, CASCADAS aims at a vision of Future Internet as an ecology of simple lightweight components (abstracting data, information, service components, telco-ICT enabler, etc.) that are able to interact with each other and self-organize dynamically their activities to serve in an adaptive and goal-oriented way the dynamic needs of Prosumers and Providers. In this vision, traditional ISO/OSI layered approaches to networking and Internet lose any meaning: i.e. without relying on any pre-defined layering, the ecology of self-organizing and self-adaptive components will be able to compose together any needed suite of services.