An experimental study of security and privacy risks with emerging household appliances

Smart household appliances, ranging from light-bulbs and door-locks to power switches and smoke-alarms, are rapidly emerging in the marketplace, with predictions that over 2 billion devices will be installed within the next four years. However, security implementations vary widely across these devices, while privacy implications are unclear to users. In this paper we dissect the behavior of a few household devices, specifically the Phillips Hue light-bulb, the Belkin WeMo power switch, and the Nest smoke-alarm, and highlight the ease with which security and privacy can be compromised. We then propose a new solution to protect such devices by restricting access at the network-level. Our solution does not require changes from device manufacturers, reduces burden on the end-users, and allows security to be offered as an overlay service by the ISP or from a specialist provider in the cloud.

[1]  Hannes Tschofenig,et al.  Securing the Internet of Things: A Standardization Perspective , 2014, IEEE Internet of Things Journal.

[2]  Jinquan Zeng,et al.  Research on immunity-based intrusion detection technology for the Internet of Things , 2011, 2011 Seventh International Conference on Natural Computation.

[3]  Qiaoyan Wen,et al.  An identity-based personal location system with protected privacy in IOT , 2011, 2011 4th IEEE International Conference on Broadband Network and Multimedia Technology.

[4]  Jiafu Wan,et al.  Security in the Internet of Things: A Review , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[5]  Mahmoud Elkhodr,et al.  A contextual-adaptive Location Disclosure Agent for general devices in the Internet of Things , 2013, 38th Annual IEEE Conference on Local Computer Networks - Workshops.

[6]  Xinzheng Dong,et al.  Application of dynamic variable cipher security certificate in Internet of Things , 2012, 2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems.

[7]  Maurizio A. Spirito,et al.  The VIRTUS Middleware: An XMPP Based Architecture for Secure IoT Communications , 2012, 2012 21st International Conference on Computer Communications and Networks (ICCCN).

[8]  Caiming Liu,et al.  A Novel Approach to IoT Security Based on Immunology , 2013, 2013 Ninth International Conference on Computational Intelligence and Security.

[9]  Antonio F. Gómez-Skarmeta,et al.  A decentralized approach for security and privacy challenges in the Internet of Things , 2014, WF-IoT.

[10]  Nicola Bui,et al.  Low power link layer security for IoT: Implementation and performance analysis , 2013, 2013 9th International Wireless Communications and Mobile Computing Conference (IWCMC).