Abstract | ||
---|---|---|
A key feature of the booming smart home is the integration of a wide assortment of technologies, including various standards, proprietary communication protocols and heterogeneous platforms. Due to customization, unsatisfied assumptions and incompatibility in the integration, critical security vulnerabilities are likely to be introduced by the integration. Hence, this work addresses the security problems in smart home systems from an integration perspective, as a complement to numerous studies that focus on the analysis of individual techniques. We propose HOMESCAN, an approach that examines the security of the implementations of smart home systems. It extracts the abstract specification of application-layer protocols and internal behaviors of participants, so that it is able to conduct an end-to-end security analysis against various attack models. Applying HOMESCAN on three extensively-used smart home systems, we have found twelve non-trivial security vulnerabilities, which may lead to unauthorized remote control and credential leakage. |
Year | DOI | Venue |
---|---|---|
2018 | 10.1109/ICECCS2018.2018.00011 | 2018 23rd International Conference on Engineering of Complex Computer Systems (ICECCS) |
Keywords | Field | DocType |
Internet of Things,IoT Security,Smart Home | Attack model,Authentication,Systems engineering,Computer science,Computer security,Home automation,Implementation,Security analysis,Credential,Personalization,Communications protocol | Conference |
ISBN | Citations | PageRank |
978-1-5386-9342-1 | 1 | 0.35 |
References | Authors | |
15 | 6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Kulani Tharaka Mahadewa | 1 | 1 | 0.35 |
Kailong Wang | 2 | 12 | 2.27 |
Guangdong Bai | 3 | 177 | 14.09 |
Ling Shi | 4 | 1717 | 107.86 |
Jin Song Dong | 5 | 1369 | 107.12 |
Zhenkai Liang | 6 | 1486 | 81.00 |