Fig 1 - uploaded by Qi Alfred Chen
Content may be subject to copyright.
SmartThings architecture overview 

SmartThings architecture overview 

Contexts in source publication

Context 1
... this paper, we focus on the Samsung SmartThings plat- form, which uses a popular cloud-backed architecture design as shown in Figure 1. Other popular IoT platforms such as Apple's HomeKit and Google's Weave/Brillo also use such design, and the differences only lie in the communication protocols used in the wireless hop. ...
Context 2
... shown in Figure 1, the SmartThings ecosystem consists of three major components: a hub, a SmartThings cloud backend, and a smartphone Companion App. The IoT apps in the SmartThings platform are called SmartApps, which are written in Groovy using the Web based IDE provided by SmartThings. ...

Citations

... The Semantic Analysis module executes two steps: (1) extract semantics from smart apps and their configuration, such as the temperature threshold for turning on AC and which IoT devices are bound to which app, and (2) convert the semantics to correlations. Semantic analysis has been used to detect malicious or risky smart apps as in [41,50,79]. We use the method described in our prior work [33,34] to extract semantics in Step (1). ...
... With the emerging development of IoT devices and appified home automation, their security and privacy issues have drawn great attention [28,29,34,50,57,61,73,74,78,79]. Most of them are focused on detecting threats, attacks and malware, rather than IoT malfunctions. ...
Full-text available
Article
As IoT devices are integrated via automation and coupled with the physical environment, anomalies in an appified smart home, whether due to attacks or device malfunctions, may lead to severe consequences. Prior works that utilize data mining techniques to detect anomalies suffer from high false alarm rates and missing many real anomalies. Our observation is that data mining-based approaches miss a large chunk of information about automation programs (also called smart apps) and devices. We propose Home Automation Watcher (HAWatcher), a semantics-aware anomaly detection system for appified smart homes. HAWatcher models a smart home's normal behaviors based on both event logs and semantics. Given a home, HAWatcher generates hypothetical correlations according to semantic information, such as apps, device types, relations and installation locations, and verifies them with event logs. The mined correlations are refined using correlations extracted from the installed smart apps. The refined correlations are used by a Shadow Execution engine to simulate the smart home's normal behaviors. During run-time, inconsistencies between devices' real-world states and simulated states are reported as anomalies. We evaluate our prototype on the SmartThings platform in four real-world testbeds and test it against totally 62 different anomaly cases. The results show that HAWatcher achieves high accuracy, significantly outperforming prior approaches.
... d may possibly prevent the execution of hazardous code (for example). Integer overflows, string attacks, and double free are some of the several shapes that an attack on a stack or heap buffer might take B. Zhu [2011]. Unauthorized assaults on computer systems that handle personal information are a potential risk to the consumers' right to privacy Jia and et. al. [2017]. In most cases, this form of attack takes advantage of loopholes in the authorization mechanism of the model that is being attacked. Hackers may be able to get unauthorised access to the administration of smart home applications and then use this information to perpetrate crimes against their victims, such as theft or the damage of prop ...
Article
The Internet of Things, often known as IoT, is a project whose ultimate objective is to construct, in the not-too-distant future, a global network of linked, networked goods and things that are capable of exchanging data and working together. Through the use of the internet, it will be possible to read, recognise, localise, address, and otherwise control such things. Before widespread usage of the Internet of Things (IoT), consumers and business owners need to have trust in its underlying security architecture. It is essential to provide an explanation of how different devices connected to the Internet of Things may safely and effectively share data with one another and with remote computers. When designing security solutions, new privacy and security issues brought about by the Internet of Things need to be taken into consideration throughout the design process. Establishing trustworthy end-to-end encrypted connections is difficult due to the inherent heterogeneity of Internet of Things (IoT) communications and the vast range of hardware and software capabilities supported by IoT devices. Because of their slow processing rates, high power consumption, and little quantities of memory, the majority of Internet of Things devices have few security choices available. This is as a result of the fact that many traditional security approaches are unable to be deployed on devices that have restricted resources. This article presents an overview of the many uses of the Internet of Things, together with the security threats and operational challenges that each presents.
... The related attacks include network penetration, firmware backdoor exploitation [16], replay attacks [17,18], and man-in-the-middle attacks [19,20] In addition to devices, smart applications (apps for short) also contribute to system vulnerabilities. Without the knowledge of users' environment settings and behavioral patterns [21], it is challenging for smart apps to precisely define a condition, such as "at home," because the hardware/software settings and user behavioral patterns (e.g., wake-up time, bedtime, and time to take a shower) vary in homes. ...
Full-text available
Article
As a typical application of Internet of Things (IoT), home automation systems, namely, smart homes, provide a more convenient and intelligent life experience through event recognition, automation control, and remote device access. However, smart home systems have also given rise to new complications for security issues. As an event-driven IoT system, smart home environments are vulnerable to security attacks, and vulnerable devices are far-spread due to the quick development cycles. Attack vectors to smart homes inevitably manifest in abnormal event contexts. In this paper, we propose HomeGuardian, a context-based approach to identify abnormal events in smart homes. In our approach, we extract temporal context and environmental context from system logs, aggregate (embed) these hybrid contexts, and construct a learning-based classifier to identify the abnormal events. We develop a testbed to implement and evaluate our approach.
... Existing frameworks were not designed for the network security demands of modern IoT. Industry hubs like Smart-Things [49] and research frameworks built on top of it [31,52] still require vendors to host their own services. For example, Alexa's SmartThings integration serves only to connect to Amazon servers. ...
... Another reason is the granularity at which frameworks define policies. Low-level IPCs lack semantic meaning [31], while high-level app descriptions do not directly match functionality [52]. ...
Full-text available
Preprint
Most consumer IoT devices are vertically integrated with cloud-side infrastructure. Such architectures present enormous risk to user data, exacerbated by vendor heterogeneity and the inability for users to audit cloud-side activity. A more promising approach would be to leverage local hardware, providing users control over how their data is processed and why it can be shared with other devices or the Internet. Karl is a new smart-home framework designed to host IoT computation and storage on user-chosen devices. A key insight in Karl's modular programming model is that a familiar interface (inspired by serverless) can capture most modern cloud-side IoT components under a single framework, which executes modules agnostic of hardware location. While local hosting eliminates many flows, modularity enables all remaining flows to be justified using fine-grained primitives. We introduce two IoT security mechanisms: pipeline permissions that permit device data to be shared given some justification and exit policies that block flows unless specific conditions are met. We evaluate Karl through two end-to-end applications.
... Comparing our approach (the task expression and constraint expression) to GPL, we consider our approach to be more advanced since it supports regular expression, which provides a higher expression power. A similar idea can also be found in the approach proposed by Jia et al. (Jia et al. 2017). They proposed an approach that can instrument an IoT application and use the instrumented application to determine if some application's behavior is suspicious during the execution time. ...
Full-text available
Article
Testing Internet of Things (IoT) systems is challenging. This is not only because of the various aspects of IoT systems, such as software, hardware, and network that need to be tested, but also because of the unexpected issues caused by a large number of heterogeneous devices brought together by IoT systems. When an IoT system has hundreds, or even thousands, of heterogeneous devices, which devices should be tested to detect more faults? How can we systematically test an IoT system and its numerous devices in a cost-effective way? Are there any coverage criteria for testers to evaluate the thoroughness of the testing against IoT systems? In this paper, we present a combinatorial testing path selection framework for IoT systems, called CT-IoT, that systematically identifies and recommends testing paths in IoT systems for effective testing. We also propose four coverage criteria that can help testers evaluate the testing thoroughness for IoT systems. We conducted an empirical study of CT-IoT on two real-world IoT systems and evaluated the effectiveness of CT-IoT in terms of coverage achievements. The results show the superiority of CT-IoT over a random approach.
... Thus, attackers can easily exploit insecure direct object references or hidden endpoints by manipulating API/URL parameters [2]. On the other hand, a line of research focusses on coarse-grained authorisation within IoT platforms [3][4][5][6][7]. They proposed various solutions to address improper permission designs. ...
... Some research studies have explored the coarse-grained authorisation of IoT [3][4][5][6][7][17][18][19][20][21][22][23], including the security analysis of the IoT platforms and the proposals of fine-grained authorisation mechanisms. In particular, by examining the source code of cloud-side applications (i.e. ...
... The root cause is that the Samsung IoT platform grants full access to the SmartApps even if they only require limited permissions. On the other hand, several new schemes were proposed to provide more fine-grained authorisation for IoT, such as SmartAuth [21], ContexIoT [5] etc [4,6,7]. These studies have emphasised the designs of authorisation schemes within the IoT platforms, instead of focussing on the authorisation inconsistency with the integration of third-party services. ...
Full-text available
Article
Abstract Today's IoT platforms provide rich functionalities by integrating with popular third‐party services. Due to the complexity, it is critical to understand whether the IoT platforms have properly managed the authorisation in the cross‐cloud IoT environments. In this study, the authors report the first systematic study on authorisation management of IoT third‐party integration by: (1) presenting two attacks that leak control permissions of the IoT device in the integration of third‐party services; (2) conducting a measurement study over 19 real‐world IoT platforms and three major third‐party services. Results show that eight of the platforms are vulnerable to the threat. To educate IoT developers, the authors provide in‐depth discussion about existing design principles and propose secure design principles for IoT cross‐cloud control frameworks.
... Dynamic analysis approaches shown in Pavana et al. [18], Fernandes et al. [81], Jia et al. [88], Wang et al. [89], and Babun et al. [90] do not have the drawbacks associated with static analysis. As stated in Ernst et al. [91], static analysis may result in over-approximations by generalizing all possible behaviors of an application from its source code, potentially resulting in false positives. ...
... ContexIoT shown in Jia et al. [88] proposes a context-based permission system for the Samsung SmartThings IoT platform that identifies fine-grain context information and prompts users to make an access control decision at run time. They are the first to use a patching mechanism to collect run time data and pause the execution of SmartApps to segment the execution of a SmartApp into context collection and permission granting phases. ...
Full-text available
Article
Internet of Things (IoT) systems are becoming ubiquitous in various cyber–physical infrastructures, including buildings, vehicular traffic, goods transport and delivery, manufacturing, health care, urban farming, etc. Often multiple such IoT subsystems are deployed in the same physical area and designed, deployed, maintained, and perhaps even operated by different vendors or organizations (or “parties”). The collective operational behavior of multiple IoT subsystems can be characterized via (1) a set of operational rules and required safety properties and (2) a collection of IoT-based services or applications that interact with one another and share concurrent access to the devices. In both cases, this collective behavior often leads to situations where their operation may conflict, and the conflict resolution becomes complex due to lack of visibility into or understanding of the cross-subsystem interactions and inability to do cross-subsystem actuations. This article addresses the fundamental problem of detecting and resolving safety property violations. We detail the inherent complexities of the problem, survey the work already performed, and lay out the future challenges. We also highlight the significance of detecting/resolving conflicts proactively, i.e., dynamically but with a look-ahead into the future based on the context.
... An opponent may then obtain an unauthenticated assessment to the computer, endanger data, and the whole Internet. This weakness is discussed in a variety of research papers, including [120][121][122][123][124][125][126][127]. ...
... In comparison, few experiments have concentrated on approaches that consider contexts. For instance, Jia et al. [125] built a context-based authorization scheme that captures the context of an IoT situation and analyzes security-relevant information. To address these concerns, the authors developed a technique that fingerprints context-dependent attacks on some IoT applications. ...
... It promises a risk assessment to lead to IoT remedy. Numerous system requirement for IoT threat assessment are shown in Figure 12 [125]. Figure 13 depicts the overall presented taxonomy. ...
Article
The data protection problem concerning the Internet of Things (IoT) paradigm has drawn the innovation community’s considerable attention. Several surveys have covered different IoT-centered issues, namely vulnerability simulation, intrusion detection systems, and state-of-the-art techniques were put forward for this purpose. In comparison, we concentrate exclusively on the emerging IoT vulnerabilities and related Artificial Techniques in the current research. This paper initializes the detailed categorization of recent research works, which explore different Machine Learning and Deep Learning techniques for the IoT paradigm. Additionally, a novel taxonomy is included based on IoT vulnerabilities, corresponding attackers, and effects, threats that explore weak links, effective remedies, and organizational authentication technologies that are currently available to recognize and track such deficiencies. This seeks to offer a multidimensional analysis viewpoint on IoT vulnerabilities to the reader, including the technological specifics and effects, which are intended to be leveraged for remediation goals. Inspired by the lack of IoT paradigm-related scientific (and malicious) evidence, the current study provides an emphasis on IoT manipulation from passive measurements. The current research illustrates the seriousness of the IoT problem while offering organizational knowledge resources that will inevitably assist in the mitigating mission in general. In addition to open issues and research concerns, informative conclusions, inferences, and results are revealed in the current research, which will lead to future research initiatives to resolve scientific concerns relevant to IoT security.
... Several solutions to mitigate sensitive information flows and unauthorized accesses within IoT apps have also emerged. For example, ContextIoT [21], is a context-based permission system that identifies the usage context of sensitive actions using control and data flow information. Similarly, SAINT [7] uses static analysis of application code to identify sensitive information flows between taint sources and taint sinks. ...
Full-text available
Article
End users are increasingly using trigger-action platforms like If-This-Then-That (IFTTT) to create applets to connect smart-home devices and services. However, there are inherent implicit risks in using such applets—even non-malicious ones—as sensitive information may leak through their use in certain contexts ( e.g., where the device is located, who can observe the resultant action). This work aims to understand to what extent end users can assess this implicit risk. More importantly we explore whether usage context makes a difference in end-users’ perception of such risks. Our work complements prior work that has identified the impact of usage context on expert evaluation of risks in IFTTT by focusing the impact of usage context on end-users’ risk perception. Through a Mechanical Turk survey of 386 participants on 49 smart-home IFTTT applets, we found that participants have a nuanced view of contextual factors and that different values for contextual factors impact end-users’ risk perception differently. Further, our findings show that nudging the participants to think about different usage contexts led them to think deeper about the associated risks and raise their concern scores.
... Jia et al. [16] proposed ContexloT, which provides a contextbased permission system and automatically patch SmartApps to provide rich contextual information at runtime, and finally achieve the goal of helping users perform effective access control. But sometimes malicious logic is not so easy to distinguish and in comparison, SmartPatch not only takes users out of the verification process but also accurately guarantees the authenticity of the event. ...
Full-text available
Article
Emerging IoT clouds are playing a more important role in modern lives, enabling users/developers to program applications to make better use of smart devices. However, preliminary research has shown IoT cloud vulnerabilities could expose IoT users to security risks. To better understand the problem, we studied the SmartThings cloud, one of the most popular IoT cloud platforms that support user-defined device automation (SmartApps). Specifically, we found new vulnerabilities in SmartThings that allow attackers to fake events to trigger the SmartApps to operate devices (e.g., open a lock). Exploiting such vulnerabilities, we successfully faked 7 different types of events, which impact 138 (out of 187) SmartThings official open-sourced SmartApps. To defeat such attacks, we propose an authenticity-verification-based scheme to deny fake events. Moreover, we designed a tool, SmartPatch, to help users secure their SmartThings systems. In specific, SmartPatch automatically patches the vulnerable SmartApps and Device Handlers (input) and outputs the flawless programs, which are ready for users to deploy in their SmartThings systems. We have made SmartPatch publicly available. With the help of SmartPatch, we patched all the vulnerable SmartThings official open-sourced programs (146 SmartApps and 321 Device Handlers). Experiments have shown the compatibility, effectiveness, and efficiency of our proposed approach.