DOI: 10.1145/3301293.3302356

A Hypervisor-Based Privacy Agent for Mobile and IoT Systems

Published: 22 February 2019

Abstract

We present a design for a mobile and IoT data privacy agent that lives in software on end devices. Our privacy agent learns and enforces a user's privacy policy across all devices that he manages. Implemented as a hypervisor onboard the end device, our privacy agent sits between the device's hardware and its application software. It can inspect, modify, block, and inject I/O traffic between the device's main CPU and its peripherals. The key advantage of our architecture is that, unlike network middleboxes, the hypervisor can track all I/O transactions in unencrypted form. This makes our privacy agent potentially much more effective than those that only monitor network traffic because it can track and modify plaintext data. Our privacy agent also gives users the ability to impose a uniform privacy policy across all devices that they manage, which minimizes the burden and possibility of error that arise when setting privacy policy on individual devices. Since the notion of per-user (as opposed to per-app) privacy policy is relatively new, there has not been much opportunity for researchers to think about how to define and implement policy on that scale. We propose a method for learning a user's privacy policy one time and automatically implementing it in a context-aware fashion on multiple devices.


Published In

HotMobile '19: Proceedings of the 20th International Workshop on Mobile Computing Systems and Applications
February 2019
200 pages
ISBN: 9781450362733
DOI: 10.1145/3301293

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. hypervisors
  2. iot
  3. mobile systems
  4. privacy
  5. real-time

Qualifiers

  • Research-article

Conference

HotMobile '19
Acceptance Rates

Overall Acceptance Rate 96 of 345 submissions, 28%
