SyntIoT: Privacy and security experimentation in consumer-oriented IoT ecosystems

Since the advent of consumer-oriented IoT products, like smart homes, researchers have taken up the challenge of shielding the consumers from the risks this technology entails, including privacy harms. However, security and privacy research is ‘hungry’ for open data (e.g., about the network traffic patterns of the devices) and open platforms to validate IoT-related solutions outside a pure simulation environment. Except for the few cases seen in the related work, datasets are not readily available to the research community and are difficult to produce in-house. Also, the reproducibility of research results and open science is hindered by the lack of an open experimentation platform (to test privacy and security solutions) that also offers a fine-grained control of the experimental setup. We present SyntIoT, a platform that allows researchers to easily deploy a complete IoT ecosystem (including devices, users, vendor clouds) into the physical world and at a low cost, hence lowering the barriers to entry in this research field. SyntIoT can be used to collect field data and to realistically validate security and privacy solutions. Our platform uses synthetic IoT devices that are fully configurable in a declarative way. Interestingly, our platform also allows commercial devices to be deployed alongside the synthetic ones. The platform provides an infrastructure to monitor the ecosystem and to extract rich data, which can be used for empirical research and data mining. This paper presents the platform, explains how it meets established research needs not yet answered in previous works, and highlights its usage in the context of three experimental scenarios.

[1]  András Varga,et al.  An overview of the OMNeT++ simulation environment , 2008, SimuTools.

[2]  Sándor Molnár,et al.  Proceedings of the 1st international conference on Simulation tools and techniques for communications, networks and systems & workshops , 2008, Simutools 2008.

[3]  Evangelos Theodoridis,et al.  SmartSantander: IoT experimentation over a smart city testbed , 2014, Comput. Networks.

[4]  Eric Fleury,et al.  FIT IoT-LAB: A large scale open experimental IoT testbed , 2015, 2015 IEEE 2nd World Forum on Internet of Things (WF-IoT).

[5]  Michael Kirsche,et al.  Looking into Hardware-in-the-Loop Coupling of OMNeT++ and RoSeNet , 2015, ArXiv.

[6]  Earlence Fernandes,et al.  Security Analysis of Emerging Smart Home Applications , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[7]  Antoine Gallais,et al.  Thorough IoT testbed characterization: From proof-of-concept to repeatable experimentations , 2017, Comput. Networks.

[8]  Rajkumar Buyya,et al.  iFogSim: A toolkit for modeling and simulation of resource management techniques in the Internet of Things, Edge and Fog computing environments , 2016, Softw. Pract. Exp..

[9]  Marcia Ford,et al.  Alexa, are you listening to me? An analysis of Alexa voice service network traffic , 2018, Personal and Ubiquitous Computing.

[10]  Sherali Zeadally,et al.  Internet of Things (IoT): Research, Simulators, and Testbeds , 2018, IEEE Internet of Things Journal.

[11]  Elias Z. Tragos,et al.  FIESTAIoT Project: Federated Interoperable Semantic IoT/cloud Testbeds and Applications , 2018, WWW.

[12]  Rajarshi Gupta,et al.  All Things Considered: An Analysis of IoT Devices on Home Networks , 2019, USENIX Security Symposium.

[13]  N. Feamster,et al.  IoT Inspector , 2019, Proc. ACM Interact. Mob. Wearable Ubiquitous Technol..

[14]  Nick Feamster,et al.  Keeping the Smart Home Private with Smart(er) IoT Traffic Shaping , 2018, Proc. Priv. Enhancing Technol..

[15]  Hamed Haddadi,et al.  Information Exposure From Consumer IoT Devices: A Multidimensional, Network-Informed Measurement Approach , 2019, Internet Measurement Conference.

[16]  Zubair Shafiq,et al.  Characterizing Smart Home IoT Traffic in the Wild , 2020, 2020 IEEE/ACM Fifth International Conference on Internet-of-Things Design and Implementation (IoTDI).

[17]  Mauro Conti,et al.  Peek-a-boo: i see your smart home activities, even encrypted! , 2018, WISEC.