Intrusion Detection for IoT via Matter and Thread

Home IoT has been fractured, where each device has only been able to connect to its own cloud-based system, and sometimes also to one set of home assistants. Thus, users and data has been locked in.  Matter is supposed to change this, with powerful backers such as Apple, Google, and many more.

Matter will allow devices to be more system-independent and work across many IoT ecosystems. Thread is similar to ZigBee but “simpler” in its execution. Many announcements has happened / will happen during the fall of 2022 with new products entering the market place.

https://en.wikipedia.org/wiki/Matter_(standard)

https://www.threadgroup.org/news-events/blog/ID/287/Thread-Matter-And-CHIP–This-Glossary-Will-Quickly-Bring-You-Up-To-Speed#.Y0–BnZBwuU

This thesis targets an intrusion detection system for Matter/Thread. security analysis for IoT. The end focus would be to build a simple IDS to monitor devices running Matter/Thread. Another options can be to adapt Snort/Bro to achieve the same goal. Challenges include reading the release candidate of Matter to understand the communication mode. Then a few (simple) properties of normal / attack should be specified. These should then be implemented, preferably using the SkyConnect USB Stick.

You can conduct this thesis individually or as team of two students, but we will prioritize groups of two students.

The starting point are to survey literature to understand the candidates and also find connections to the scientific security literature for IoT systems.

The second step is to understand what information should be used for the IDS, where it is located, and when the analysis / alerts need to be communicated upwards.

The third step is about building a prototype / test system. For that you can use a cour router, change existing IDS or the SkyScanner USB stick.

For whom is this a good thesis?
If you love security, have a good understanding of networks and protocols and also familiarity with mbedded devices this is a good thesis. You should also be interested in attack modeling (normal behavior, attacks), machine learning or pattern matching, and know at least one programming language to be able to work directly with hardware. If you have never heard of IoT, ZigBee, Matter, Thread, Snort, this thesis may still be for you if you are up to a challenge.

How to apply? Submit your application before November 11, 2022.
https://forms.office.com/r/ttjem8dX5v

If you have any question/comment about the thesis work, contact us:
Magnus Almgren; magnus.almgren@chalmers.se