Securing Cloud-based IoT Apps

Innovative IoT apps break conventional paradigms to connect otherwise unconnected services and devices ranging from pacemakers, baby monitors, surveillance cameras to cars and smart cities. Unfortunately, the power of IoT apps can be abused by attackers, unnoticeably to users.

In this talk, we will discuss how popular IoT app platforms are susceptible to attacks that violate user privacy resulting in massive exfiltration of sensitive information as well as suggest short- and long-term countermeasures based on language-based sandboxing and information flow control.