A Mutation Framework for Evaluating Security Analysis tools in IoT Applications. (arXiv:2110.05562v1 [cs.CR])

With the growing and widespread use of Internet of Things (IoT) in our daily
life, its security is becoming more crucial. To ensure information security, we
require better security analysis tools for IoT applications. Hence, this paper
presents an automated framework to evaluate taint-flow analysis tools in the
domain of IoT applications. First, we propose a set of mutational operators
tailored to evaluate three types of sensitivity analysis, flow, path and
context sensitivity. Then we developed mutators to automatically generate
mutants for those types. We demonstrated the framework on a subset of
mutational operators to evaluate three taint-flow analyzers, SaINT,
Taint-Things and FlowsMiner. Our framework and experiments ranked the taint
analysis tools according to precision and recall as follows: Taint-Things (99%
Recall, 100% Precision), FlowsMiner (100% Recall, 87.6% Precision), and SaINT
(100% Recall, 56.8% Precision). To the best of our knowledge, our framework is
the first framework to address the need for evaluating taint-flow analysis
tools and specifically those developed for IoT SmartThings applications.