Fig 1 - uploaded by Qi Alfred Chen
SmartThings architecture overview 

Contexts in source publication

Context 1
... this paper, we focus on the Samsung SmartThings platform, which uses a popular cloud-backed architecture design as shown in Figure 1. Other popular IoT platforms such as Apple's HomeKit and Google's Weave/Brillo also use such design, and the differences only lie in the communication protocols used in the wireless hop. ...
Context 2
... shown in Figure 1, the SmartThings ecosystem consists of three major components: a hub, a SmartThings cloud backend, and a smartphone Companion App. The IoT apps in the SmartThings platform are called SmartApps, which are written in Groovy using the Web based IDE provided by SmartThings. ...

Citations

... Prior work in the broader context of Internet of Things (IoT), including smart speakers, has traditionally addressed the labeling problem by understanding what data is shared to their cloud platforms (both belonging to the device's vendor and to third parties). This has been typically done by relying on device modification or logging capabilities of specific platforms [22,33,40,62]. Other work used black-box experiments to identify how the viewing habits gathered by smart TVs [30,45] and smart speakers interactions [39] were shared with advertisers. ...
Article
Many companies, including Google, Amazon, and Apple, offer voice assistants as a convenient solution for answering general voice queries and accessing their services. These voice assistants have gained popularity and can be easily accessed through various smart devices such as smartphones, smart speakers, smartwatches, and an increasing array of other devices. However, this convenience comes with potential privacy risks. For instance, while companies vaguely mention in their privacy policies that they may use voice interactions for user profiling, it remains unclear to what extent this profiling occurs and whether voice interactions pose greater privacy risks compared to other interaction modalities. In this paper, we conduct 1171 experiments involving 24530 queries with different personas and interaction modalities during 20 months to characterize how the three most popular voice assistants profile their users. We analyze factors such as labels assigned to users, their accuracy, the time taken to assign these labels, differences between voice and web interactions, and the effectiveness of profiling remediation tools offered by each voice assistant. Our findings reveal that profiling can happen without interaction, can be incorrect and inconsistent at times, may take several days or weeks to change, and is affected by the interaction modality.
... Security analysis of IoT platforms, devices and applications. The security of IoT platforms and applications/devices has been extensively explored in recent studies [19], [23], [25], [26], [28], [29], [33], [35], [35], [36], [36]- [38], [41], [46], [49], [51]- [53], [58]- [61], [61]. These studies predominantly focus on specific cloud platforms and application layer logic errors. ...
... IoT cloud platforms such as Samsung's SmartThings [60], IFTTT [42], Apple's HomeKit [5], Google Home [33], and Open-HAB [56] have been utilized to handle diverse types of devices from different vendors and facilitate their interactions through automation rules. While embracing the connectivity and convenience introduced by IoT devices and applications, there are increasing concerns regarding security and privacy risks [8,14,15,31,44]. A tremendous amount of IoT devices have been deployed in our everyday life, collecting various types of personal attributes (e.g., age, height, weight, address, location, etc.) and highly sensitive information about the users (e.g., blood pressure, heart rate, pin code of door lock, door state, etc.). ...
... Sensitive data leaks lead to potential privacy invasion. Previous studies showed that such leaks could be caused by malicious IoT applications [8,14,15], unauthorized access through IoT frameworks [31,44], exploitation of customized automation rules [39,51,66], or app-level traffic analysis [1,50]. For example, a study on the SmartThings framework identified multiple privacy threats due to malicious SmartApps stealing sensitive user data [14], where 138 out of 230 SmartApps were found exposing at least one sensitive data via the Internet or messaging services. ...
... We use regular expressions to deal with type casting and extract the ASTs. From the AST of each app, we build a control flow graph (CFG) for static analysis, similar to prior app analysis approaches [2,21,44]. For example, Figure 4 shows the CFG diagram of the app in Listing 1. Action Nodes Extraction. ...
Article
The increasing use of the Internet of Things (IoT) technology has made our lives convenient, however, it also poses new security and privacy threats. In this work, we study a new type of privacy threat enabled by cross-app chains built among multiple seemingly benign IoT apps. We find that interactions among apps could leak privacy-sensitive information, e.g., users' identification, location and tracking, activity patterns, etc. To tackle this challenge, we introduce PrivacyGuard, which extracts cross-app chains in the form of trigger-condition-action rules and identifies the corresponding privacy leakage risk with an inference probability. PrivacyGuard supports a fine-grained categorization of privacy threats to generate detailed alerts about privacy leakages. We evaluated PrivacyGuard on a dataset with 2,101 SmartApps, 2,788 IFTTT rules, and 2,086 OpenHAB rules, respectively. The results show that PrivacyGuard could uncover hidden privacy leaks that existing studies fail to detect. For example, 7.67% chains constructed by two seemingly benign IoT apps could leak at least one type of privacy information, while over 80% of the leaks involved privacy information regarding Localization & Tracking and Activity Profiling.
... Regarding the application context, [36] and [119] are concerned with analyzing smart applications to detect over-privileges in the SmartThings framework or types of attacks. Additionally, [81], [56] and [17], described the application context. In [60], contextual information from the types of user and physical contexts was presented. ...
... In [68], the authors presented a platform that enabled the development of context-aware applications that could be adapted autonomously at runtime. ContexIoT [56] is a context-aware permission model that restricts unauthorized device access and detects malicious activities in a smart home. A context-aware authentication framework introduced by Ashibani et al. [9] is being developed for smart-home applications to access devices. ...
... In [107], features of home entities and set of concepts, devices capabilities, and security vocabulary were collected by cloud. ContexIoT [56] modifies the application code to add security-focused logic patches to the application to gather crucial running context. IOTGUARD [17] adds new logic to the source code of an application to collect data from it while it is running, including devices, events, actions, predicates that control device actions, and numerically valued properties of those actions. ...
Article
Smart-home systems represent the future of modern building infrastructure as they integrate numerous devices and applications to improve the overall quality of life. These systems establish connectivity among smart devices, leveraging network technologies and algorithmic controls to monitor and manage physical environments. However, ensuring robust security in smart homes, along with securing smart devices, presents a formidable challenge. A substantial number of security solutions for smart homes rely on data-driven approaches (e.g., machine/deep learning) to identify and mitigate potential threats. These approaches involve training models on extensive datasets, which distinguishes them from knowledge-driven methods. In this review, we examine the role of knowledge within smart homes, focusing on understanding and reasoning regarding various events and their utility towards securing smart homes. We propose a taxonomy to characterize the categorization of decision-making approaches. By specifying the most common vulnerabilities, attacks, and threats, we can analyze and assess the countermeasures against them. We also examine how smart homes have been evaluated in the reviewed literature. Furthermore, we explore the challenges inherent in smart homes and investigate existing solutions that aim to overcome these limitations. Finally, we examine the key gaps in smart-home-security research and define future research directions for knowledge-driven schemes.
... Prior work in the broader context of Internet of Things (IoT), including smart speakers, has traditionally addressed the labeling problem by understanding what data is shared to their cloud platforms (both belonging to the device's vendor and to third parties). This has been typically done by relying on device modification or logging capabilities of specific platforms [18,28,35,55]. Other work used black-box experiments to identify how the viewing habits gathered by smart TVs [25,40] and smart speakers interactions [34] were shared with advertisers. ...
Preprint
Many companies, including Google, Amazon, and Apple, offer voice assistants as a convenient solution for answering general voice queries and accessing their services. These voice assistants have gained popularity and can be easily accessed through various smart devices such as smartphones, smart speakers, smartwatches, and an increasing array of other devices. However, this convenience comes with potential privacy risks. For instance, while companies vaguely mention in their privacy policies that they may use voice interactions for user profiling, it remains unclear to what extent this profiling occurs and whether voice interactions pose greater privacy risks compared to other interaction modalities. In this paper, we conduct 1171 experiments involving a total of 24530 queries with different personas and interaction modalities over the course of 20 months to characterize how the three most popular voice assistants profile their users. We analyze factors such as the labels assigned to users, their accuracy, the time taken to assign these labels, differences between voice and web interactions, and the effectiveness of profiling remediation tools offered by each voice assistant. Our findings reveal that profiling can happen without interaction, can be incorrect and inconsistent at times, may take several days to weeks for changes to occur, and can be influenced by the interaction modality.
... While these techniques make great contributions to analyzing rule interaction vulnerabilities, there is a noticeable lack of attention to resolving and preventing them. Some dynamic control-based methods [21,28,33,43] are proposed to control rule enforcement at runtime to avoid risks according to specified safety policies. However, they do not eliminate the root cause of vulnerabilities (i.e., rule semantic flaws) and can introduce additional running overhead. ...
... Existing works develop control policies based on specific concerns in the HA system and dynamically prevent risks. ContexIoT [33] uses the data and control flows of smart apps to build access contexts. SmartAuth [43] investigates authorization mechanisms with different behavioral security levels. ...
Preprint
Trigger-Action Programming (TAP) is a popular end-user programming framework in the home automation (HA) system, which eases users to customize home automation and control devices as expected. However, its simplified syntax also introduces new safety threats to HA systems through vulnerable rule interactions. Accurately fixing these vulnerabilities by logically and physically eliminating their root causes is essential before rules are deployed. However, it has not been well studied. In this paper, we present TAPFixer, a novel framework to automatically detect and repair rule interaction vulnerabilities in HA systems. It extracts TAP rules from HA profiles, translates them into an automaton model with physical and latency features, and performs model checking with various correctness properties. It then uses a novel negated-property reasoning algorithm to automatically infer a patch via model abstraction and refinement and model checking based on negated-properties. We evaluate TAPFixer on market HA apps (1177 TAP rules and 53 properties) and find that it can achieve an 86.65% success rate in repairing rule interaction vulnerabilities. We additionally recruit 23 HA users to conduct a user study that demonstrates the usefulness of TAPFixer for vulnerability repair in practical HA scenarios.
... Despite much attention to IoT in the security community [16], [17], [18], [19], little has been done to thwart or interfere with IoT device scanning activities. In this paper, we present a novel approach to interfering with IoT device scanning activity (BANADV) by generating adversarial examples, which slightly change IoT device banners. ...
Preprint
Nowadays, attackers target Internet of Things (IoT) devices for security exploitation, and search engines for devices and services compromise user privacy, including IP addresses, open ports, device types, vendors, and products. Typically, application banners are used to recognize IoT device profiles during network measurement and reconnaissance. In this paper, we propose a novel approach to obfuscating IoT device banners (BANADV) based on adversarial examples. The key idea is to explore the susceptibility of fingerprinting techniques to a slight perturbation of an IoT device banner. By modifying device banners, BANADV disrupts the collection of IoT device profiles. To validate the efficacy of BANADV, we conduct a set of experiments. Our evaluation results show that adversarial examples can spoof state-of-the-art fingerprinting techniques, including learning- and matching-based approaches. We further provide a detailed analysis of the weakness of learning-based/matching-based fingerprints to carefully crafted samples. Overall, the innovations of BANADV lie in three aspects: (1) it utilizes an IoT-related semantic space and a visual similarity space to locate available manipulating perturbations of IoT banners; (2) it achieves at least 80% success rate for spoofing IoT scanning techniques; and (3) it is the first to utilize adversarial examples of IoT banners in network measurement and reconnaissance.
... In this context, the automation introduces more serious security risks. Prior research has revealed that adversaries can leak personal information, and gain physical access to the home [2,15]. In [9], spoof attack is employed to exploit automation rules and trigger unexpected device actions. ...
Preprint
Smart homes, powered by the Internet of Things, offer great convenience but also pose security concerns due to abnormal behaviors, such as improper operations of users and potential attacks from malicious attackers. Several behavior modeling methods have been proposed to identify abnormal behaviors and mitigate potential risks. However, their performance often falls short because they do not effectively learn less frequent behaviors, consider temporal context, or account for the impact of noise in human behaviors. In this paper, we propose SmartGuard, an autoencoder-based unsupervised user behavior anomaly detection framework. First, we design a Loss-guided Dynamic Mask Strategy (LDMS) to encourage the model to learn less frequent behaviors, which are often overlooked during learning. Second, we propose a Three-level Time-aware Position Embedding (TTPE) to incorporate temporal information into positional embedding to detect temporal context anomaly. Third, we propose a Noise-aware Weighted Reconstruction Loss (NWRL) that assigns different weights for routine behaviors and noise behaviors to mitigate the interference of noise behaviors during inference. Comprehensive experiments on three datasets with ten types of anomaly behaviors demonstrate that SmartGuard consistently outperforms state-of-the-art baselines and also offers highly interpretable results.
... Security of Smart Home IoT. Recent research extensively studies the potential vulnerabilities and corresponding defenses linked with smart home Internet of Things (IoT) systems [21,22,29,35,37,55,57,58,60,61]. The rapid growth of the IoT industry has led to an influx of low-cost IoT devices riddled with various vulnerabilities [13,39], which result in significant attack surfaces. ...
... Coarse grained permission model is a major flaw in the design phase in most of the popular smart home frameworks. Several studies discussed this issue in terms of identification of a vulnerability, possible attacks, and proposed solutions to resist it, in Table 9. Jia et al. proposed ContexIoT [36], which patches the app with logic code to gather the context information during its runtime by tracing the sensitive information sinks (action or flow target). When an app tries to perform a sensitive action, the action is held and context-based permission is requested from the user along with the context through the backend cloud-based permission manager. ...
... The coarse-grained permission model leveraged most attacks and vulnerabilities [9]. The proposed mechanism of [33, 35-38, 40] is app centric. The existing mechanism validates the requested permission by the app with the permission required for its working and resists unnecessary permission access in the smart home. ...
... Proposed methods based on validation and prevention. Generally, for validation [35-38] models, the app requires permission from its description and runtime behavior and checks against the requested permission. Although the existing mechanisms show good results, they are not scalable due to their limitations (Table 7). ...
Article
The smart home is one of the most significant applications of Internet of Things (IoT). Smart home is basically the combination of different components like devices, hub, cloud, and smart apps. These components may often be vulnerable, and most likely to be exploited by attackers. Being the main link among all the components to establish communication, the compromised smart apps are the most threatening to smart home security. The existing surveys cover vulnerabilities and issues of smart homes and their components from various perspectives. Still, there is a gap in understanding and organizing the smart apps, security issues and their impact on smart homes and their stakeholders. The paper presents a systematic literature review on the smart apps related vulnerabilities, their possible threats and current state of the art of the available security mechanisms. In our survey we observed that currently research focuses on rules interaction and access control issues. The conclusive findings reveal the fact that available security mechanisms are not widely applicable and incur overheads to developers and users. The critical review of pertinent literature shows that these mechanisms are not enough to address the issues effectively. Therefore, a generalized and robust solution is essentially required to tackle the issues at their origin. We summarized the insights of our SLR, highlighting current scenario and future directions of research in this domain.