HoMonit: Monitoring Smart Home Apps from Encrypted Traffic

The smart home is an emerging technology that intelligently connects a large variety of smart sensors and devices to automate home appliances, lighting, heating and cooling systems, and security and safety systems. Our research revolves around Samsung SmartThings, a smart home platform with the largest number of apps among currently available smart home platforms. Previous research has revealed several security flaws in the design of SmartThings, which allow malicious smart home apps (or SmartApps) to possess more privileges than they were designed to have and to eavesdrop on or spoof events in the SmartThings platform. To address these problems, this paper leverages side-channel inference capabilities to design and develop a system, dubbed HoMonit, to monitor SmartApps from encrypted wireless traffic. To detect anomalies, HoMonit compares the SmartApp activities inferred from the encrypted traffic with the expected behaviors dictated by their source code or user interfaces. To evaluate the effectiveness of HoMonit, we analyzed 181 official SmartApps and performed an evaluation on 60 malicious SmartApps, which either performed over-privileged accesses to smart devices or conducted event-spoofing attacks. The evaluation results suggest that HoMonit can effectively validate the working logic of SmartApps and achieve high accuracy in the detection of SmartApp misbehaviors.
