A Model-Driven-Reverse Engineering Approach for Detecting Privilege Escalation in IoT Systems.

Software vulnerabilities in access control models can represent a serious threat in a system. In fact, OWASP lists broken access control as number 1 in severity among the top 10 vulnerabilities. In this paper, we study the permission model of an emerging Smart-Home platform, SmartThings, and explore an approach that detects privilege escalation in its permission model. Our approach is based on Model Driven Reverse Engineering (MDRE) in addition to static analysis. This approach allows for better coverage of privilege escalation detection than static analysis alone as it takes advantage of analyzing free-form text that carries extra permissions details. Our experimental results demonstrate high accuracy in detecting over-privilege vulnerabilities in IoT applications.