ABSTRACT
The evolution of Internet of Things (IoT) over the years has led to all time connectivity among us. However, the heterogeneity of the constituent layers of IoT makes it vulnerable to multiple security threats. One of the typical vulnerabilities of IoT involves the end point, i.e., the apps that are used by end users for enabling IoT services. Generally, the users have to authorize the app, during installation time, to perform certain tasks. Often the apps ask for permissions to access information which are not related to the IoT services provided by them. These overprivileged apps have the chance to turn malicious at any moment and use the information against the user's interest. Sometimes, the users are naive enough to trust the apps and grant permissions without caution, thus leading to unintended exposure of personal information to malicious apps. It is important to analyze the app description for understanding the exact meaning of a stated functionality in the app description. This chapter considers the use of natural language processing (NLP) in securing user data from malicious IoT apps by analyzing their privacy policies and user reviews. This is followed by the description of a technique to aid in decision-making of users based on a careful analysis of app behavior.
