1st ACM MobiHoc Workshop on Mobile IoT Sensing, Security, and Privacy

Workshop Program

Monday, Jun 25, 2018

8am - 9:15am    Registration (E-VI 1st Floor Lobby)
9am - 9:10am    Opening

Room: E-VI Room 176


Human sensing encompasses a range of sensing tasks including (but not limited to) recognizing gestures and activities of daily living, monitoring vitals, and even identifying mood. It is the key enabler of a countless number of applications in diverse domains, such as health care monitoring, sleep monitoring, fitness tracking, immersive gaming, and elderly care. Due to the innumerable ways in which human sensing can improve the quality and experience of life in today’s smart environments, coupled with the ever improving sensing hardware and novel sensing modalities, human sensing is attracting more and more interest from both academia and industry.

Over the past few years, a new class of human sensing systems has spawned that use WiFi signals to perform human sensing. The fundamental principle that enables human sensing using WiFi signals is that when a user moves in a wireless channel, his/her movements cause the wireless channel metrics (WCMs), such as channel state information, received signal strength, and angle-of-arrival of the signal, to change. The patterns of change in WCMs are unique for different human movements. By learning these patterns of change for any given movement, a WiFi-based human sensing system can recognize that movement.

In this talk, I will present our work on recognizing human gestures using WiFi. I will also describe our attempts to address some of the practical challenges facing WiFi based human sensing, such as sensitivity of these systems to positions and orientations of users, and simultaneous movements of multiple users. I will conclude with a discussion about further challenges that need to be addressed before WiFi based human sensing systems can be used in real-world settings.

Bio: Muhammad Shahzad is an Assistant Professor at the Department of Computer Science, North Carolina State University. He received his PhD from Michigan State University in 2015. His research interests are in the areas of ubiquitous sensing, RFID systems, and network measurements. To date, his work on WiFi based human sensing has involved recognition of macro human movements such as gestures and activities and micro human movements such as keystrokes and gait. Dr. Shahzad and his team won the Spectrum Sharing Radio Challenge (2016). He was also the recipient of the Fitch Beach Award (2015) and Human Competitive Award (2009).


The 4G/5G mobile networked systems are providing "anywhere, anytime" Internet access for billions of users. In the foreseen future, they are also envisioned to serve new applications (virtual/augmented reality, self-driving cars, drones, and more). However, the current systems still rely on the "black-box" operations for the network infrastructure. Consequently, the end devices lack intelligence on the underlying network.

In this talk, I will present a data-driven approach to enhancing end intelligence in the 4G/5G systems. I will show how software-hardware cooperation enables fine-grained network data that were not possible in existing solutions. I will next demonstrate how to leverage these data to construct analytics in order to catalyze end intelligence. Last, I will describe how the enhanced end intelligence, in return, helps the 4G/5G infrastructure with more provable reliability and efficiency. These results make a case for the "Knowledge Plane" for the next-generation mobile Internet.

Bio: Yuanjie Li received his Ph.D. in Computer Science from UCLA in 2017. His research interests include networked systems, mobile computing, and network security. He is a recipient of ACM MobiCom’17 and MobiCom'16 Best Community Paper Awards, UCLA Dissertation Year Fellowship in 2016, and Outstanding Chinese Oversea Graduate Student Award in 2016. His work has resulted in an open-source community tool (MobileInsight), which has been used by 268 universities and companies since its release in 2016.

10:50am - 11am    Break
11am - 12:30pm    Technical Session

Room: E-VI Room 176

Exploiting Multi-Vendor Vulnerabilities as Back-Doors to Counter the Threat of Rogue Small Unmanned Aerial Systems

Lanier Watkins, Juan Ramos, Gaetano Snow, Jessica Vallejo, William H. Robinson, Aviel D. Rubin, Joshua Ciocco, Felix Jedrzejewski, Jinglun Liu, Chengyu Li

Abstract: A recent trend for many malicious actors, such as: (1) terrorists in Iraq and Syria, (2) lone wolf domestic terrorists, (3) drug cartels, or (4) espionage-minded corporations, has been to use commercialoff- the-shelf (COTS) small unmanned aerial systems (sUAS) (i.e., drones) that can circumvent ground-based defenses to attack or spy on targets, to transport contraband, or to steal information. Because of the low cost of COTS sUAS and the prior success of these uses, this trend is increasing at an alarming rate, leading to the need to counter the malicious usage of sUAS (i.e., rogue sUAS). Researchers, the armed forces, and technologists have all proposed disparate solutions to this problem. There are no comprehensive and compact solutions capable of effectively tracking, identifying, and actively neutralizing the threats associated with rogue sUAS. Thus, we have developed a mobile cyber solution, using rigorous penetration testing across the top sUAS COTS vendors. Based on the market share of these top vendors, our approach is applicable to approximately 90% of all COTS sUAS.We demonstrate that hard-topatch vulnerabilities (i.e., vulnerabilities that exist across all the top vendors of sUAS) can be used as back-doors to counter the threat of rouge sUAS. Our solution can be launched from a standard laptop or Android mobile device with an external antenna, and is capable of tracking, identifying, and disrupting all Parrot and 3DR sUAS, as well as almost all DJI sUAS (i.e., renders them incapable of video flight) within a 300-meter radius.

Impacts and Detection of Network Layer Attacks on IoT Networks

Prasesh Adina, Raghav H. Venkatnarayan, and Muhammad Shahzad

Abstract: With the advent of the Internet of Things (IoT), wireless sensor and actuator networks, subsequently referred to as IoT networks (IoTNs), are proliferating at an unprecedented rate in several newfound areas such as smart cities, health care, and transportation, and consequently, securing them is of paramount importance. In this paper, we present several useful insights from an exploratory study of the impacts of network layer attacks on IoTNs. We envision that these insights will guide the design of future frameworks to defend against network layer attacks. We also present a preliminary such framework and demonstrate its effectiveness in detecting network layer attacks through experiments on a real IoTN test-bed.

A2G2V: Automated Attack Graph Generator and Visualizer

Alaa T. Al Ghazo, Mariam Ibrahim, Hao Ren, Ratnesh Kumar

Abstract: The Internet of Things (IoT) and Cyber-Physical Systems (CPS) technologies have increased the complexity of systems and also exposed them to additional vulnerabilities. Attack-graphs are graphical representations that provide a complete view of how interdependencies among atomic vulnerabilities may be exploited by an adversary to stitch together an attack that can compromise the system. Their manual construction is tedious, error-prone, and time consuming. This paper presents a model-based Automated Attack- Graph Generator and Visualizer (A2G2V). Given the networked system description (its components, connectivity, services it supports, their vulnerabilities and protections), the attack graph enlists set of all possible sequences in which atomic-level vulnerabilities can be exploited to compromise a certain system-level security. The proposed A2G2V tool extends an existing formal methods tool (a model-checker) by integrating with it an architecture description tool, our own code (for parsing counterexamples, encoding those for specification relaxation, iterating till all attack sequences are revealed), and also a graph visualization tool.

Call For Papers

Today’s mobile Internet of Things devices (i.e., wireless-connected IoT devices) such as Amazon Alexa, WiFi smart bulbs, smart meters, and wearable devices are normally equipped with on-devices sensors. Although these sensors equip mobile IoT devices with the capability to sense users and their surrounding environment to provide context-aware services, they may also intrude users’ privacy and bring up many security concerns. The goal of this workshop is to provide a forum to bring together researchers from both academia and industry to discuss the sensing, security and privacy issues and corresponding solutions related to the existing and emerging mobile internet of things devices and infrastructure.

The workshop comes at a critical time juncture where mobile IoT devices are proliferating commercially. The off-the-shelf availability of mobile IoT devices today has significantly improved, and those devices have been widely adopted in a broad spectrum of applications such as automation and control, energy monitoring, healthcare - to name a few. We hope that this workshop will serve as a catalyst for exploring novel sensing applications enabled by mobile IoT devices as well as investigating techniques that enhance the security of mobile IoT devices and protect users’ privacy.

The focus areas include, but not limited to:

  • Novel mobile IoT sensing systems and applications
  • Cloud/Edge/Fog-based infrastructure for mobile IoT sensing
  • Privacy-preserving mobile IoT sensing
  • Key distribution and management
  • Physical security and hardware/software security
  • Authentication, authorization, audit, and access control for mobile IoT
  • Lightweight security for mobile IoT
  • Security framework of mobile IoT
  • Security for 5G IoT
  • Security for cellular IoT (2G/3G/4G, NB-IoT, Cate.M1, Cate.-1)
  • Security for WiFi IoT (2.4GHz, 5GHz, 60GHz, etc)
  • Security for Z-Wave, Bluetooth, LoRa, SigFox, 6LowPAN, NFC, Zigbee IoT

Submission Instructions

Papers should be submitted via

The papers should not exceed 6 pages (US letter size) double column including figures, tables, and references in standard ACM format. Templates for the standard ACM format can be found at: Submission must be in PDF format. All submissions will be reviewed using a single-blind review process.

  Important Dates
April 1, 2018 Submission deadline
April 7, 2018, 23:59:59 EST Extended submission deadline
April 30, 2018 Acceptance notification
May 7, 2018 Camera ready deadline

Workshop Co-Chairs

  • Mi Zhang, Michigan State University
  • Guan-Hua (Scott) Tu, Michigan State University

Technical Program Committee

  • Muhammad Shahzad, North Carolina State University
  • Ashwin Ashok, Georgia State University
  • Aziz Mohaisen, University of Central Florida
  • Yuan Tian, University of Virginia
  • Feng Qian, Indiana University Bloomington
  • Sunghoon Ivan Lee, UMass Amherst
  • Fengwei Zhang, Wayne State University
  • Yuanjie Li, University of California, Los Angeles
  • Shin-Ming Cheng, National Taiwan University of Science and Technology
  • Chi-Yu Li, National Chiao Tung University
  • Kate Ching-Ju Lin, National Chiao Tung University
  • Yan Huang, Indiana University Bloomington