Better Safe than Sorry: Preventing Policy Violations through Predictive Root-Cause-Analysis for IoT Systems

In an Internet of Things (IoT) environment, there are several way things can go wrong based on device activity. Poorly defined rules, conflicts between applications, physical interactions between devices, or unintentional interference by user behavior. Since these devices can have access to sensitive information or the capability to disrupt or harm physical elements in an environment, there is a strong motivation to protect confidentiality and integrity in IoT systems. In this paper we design IoTArmor, a novel Root-Cause-Analysis tool that uses machine learning models to select remediating actions that can prevent violations that would otherwise occur in the future. We assume violations have been predicted to occur and analyze the current system state to produce optimal fixes to prevent the violating behavior. Through this analysis, we can give accurate proposed fixes to prevent the violations, as well as detailed explanations to users as to why the fixes are effective. This methodology provides easily usable information to users about flaws in their environment, both in the current moment and in their overall application setup.