IoT Security and Privacy Lab
Expanding the transparency and control of IoT devices by examining the state of security and privacy within Internet-of-Things (IoT) ecosystems.
- Developing novel attack vectors for IoT
- Identifying systemic design failures in IoT
- Examine means for better transparency in IoT
- Leveraging IoT for security education
- TJ OConnor, Chris Stricklan. Teaching a Hands-On Mobile and Wireless Cybersecurity Course. ACM Innovation and Technology in Computer Science Education (ITiCSE). June 2021. [pdf]
- Chris Stricklan, TJ OConnor. Towards Binary Diversified Challenges For A Hands-On Reverse Engineering Course. ACM Innovation and Technology in Computer Science Education (ITiCSE). June 2021. [pdf]
- Blake Janes, Heather Crawford, and TJ OConnor. Never Ending Story: Authentication and Access Control Design Flaws in Shared IoT Devices. IEEE Security and Privacy SafeThings Workshop. May, 2020. [pdf]
- TJ OConnor, William Enck, and Bradley Reaves. Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things, Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). May, 2019.
Media & Interviews
- Fox35 Interview about the DarkSide Ransomware attack on Colonial Pipeline (Dr. OConnor) [Link]
- Fox35 Interview about Water Treatment Plant Compromise (Dr. OConnor) [Link]
- 2nd Fox35 Interview about Water Treatment Plant Compromise (Dr. OConnor) [Link]
- Washington Post Story about IoT S&P Lab [Link]
- Florida Today Story about IoT S&P Lab [Link]
- Interview with REFirm Labs about Camera Backdoor Discovery (Dr. OConnor) [Link]
- ITSP Magazine Podcast about our IoT S&P Lab (Dr. OConnor & Dan Campos) [Link]
- DeviceSecurityIO Interview abouat the state of IoT Security (Dr. OConnor) [Link]
- Florida Tech Story about IoT S&P Lab and FITSec Team (Josh Connolly & Dr. OConnor) [Link]
- Dr. OConnor was recently interviewed on Fox35 about the DarkSide Ransonware that attack Colonial Pipeline.
- We recently reported and were assinged two new CVEs (CVE-2021-31793, CVE-2020-28713) in The Night OWL Doorbell sold at Walmart.
- Excited our students placed #3 in the university team division at the National Cyber League and were ranked the #4 program in the National Cyber League Spring 21 Power Rankings.
- Florida Tech recently published a news story about the success of our FITSec Cybersecurity Team and our IoT S&P Lab.
- Our recent vulnerability disclosures were reported in the Washington Post and Florida Today. Read the technical details at our blog post on REFirm Labs.
- We recently reported and were assigned 4 CVEs in security cameras and doorbells. See our Geeni Vulnerability Disclosures for more information. The assigned vulnerabilities including CVE-2020-28999, CVE-2020-29000, CVE-2020-29001, CVE-2020-28998
- Congratulations to Josh Connolly and Blake Janes, who lead our FITSec Team to be ranked #21/300 for the Fall 2020 National Cyber League Tournament.
- The Office of Naval Research has awarded funding for a Florida Tech and the IoT Security and Privacy Lab for Multidisciplinary Approach to Internet-of-Things (IoT) Cybersecurity Research for $249,946.
- Congratulations to Josh Connolly, who lead our FITSec Team, to a 7th Place Finish at the Spring 2020 National Cyber League Tournament.
- Congratulations to Blake Janes for being awarded a $3,133.70 bug bounty from Google!
- We are happy to annouce that we partnered with the ReFirm Labs CyberSecurity Education Program, which granted access to the ReFirms Binwalk Enterprise Platform to our students.
- We are happy to annouce that we partnered with the CloudShark Education Program, which granted access to the CloudShark Platform to our students.