• Login
    View Item 
    •   Home
    • Theses and Dissertations
    • Theses and Dissertations
    • View Item
    •   Home
    • Theses and Dissertations
    • Theses and Dissertations
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Browse

    All of TUScholarShareCommunitiesDateAuthorsTitlesSubjectsGenresThis CollectionDateAuthorsTitlesSubjectsGenres

    My Account

    LoginRegister

    Help

    AboutPeoplePoliciesHelp for DepositorsData DepositFAQs

    Statistics

    Most Popular ItemsStatistics by CountryMost Popular Authors

    Effective Security Schemes for Smart Home Internet of Things

    • CSV
    • RefMan
    • EndNote
    • BibTex
    • RefWorks
    Thumbnail
    Name:
    Fu_temple_0225E_14751.pdf
    Size:
    2.373Mb
    Format:
    PDF
    Download
    Genre
    Thesis/Dissertation
    Date
    2022
    Author
    Fu, Chenglong cc
    Advisor
    Du, Xiaojiang
    Committee member
    Wang, Yu
    Wang, Yan
    Zeng, Qiang
    Department
    Computer and Information Science
    Subject
    Computer science
    Permanent link to this record
    http://hdl.handle.net/20.500.12613/7667
    
    Metadata
    Show full item record
    DOI
    http://dx.doi.org/10.34944/dspace/7639
    Abstract
    Recent advancements in low-cost and low-power hardware facilitate the prevalence of Internet of Things (IoT) to be adopted in various smart environments. Although our works mainly take the smart home as the target application scenario, they can be easily applied to other smart environments such as smart office and industry. These devices and systems bring higher-level context sensing capability and enable intelligent and autonomous actions. However, these advantages are greatly undermined by concerns over the systems’ security issues. Due to constraints on cost, power, and size, a large number of high-risk vulnerabilities of IoT/CPS (Cyber Physical System) systems are being discovered every year, which allow attackers to exploit them and expand their attacks from cyberspace to the physical world and causes severe damages. To cope with these emerging threats, we systematically investigate constituent components of IoT systems. Based on our exploration, we reveal new vulnerabilities and propose effective defense and detection mechanisms. In one work, we propose a novel semantic-aware anomaly detection scheme for smart home IoT systems, which provides timely anomaly alerts with a very low false alarm rate. In this scheme, we innovatively present the inter-device correlations as a uniform representation for profiling normal behaviors of smart home IoT systems. We utilize semantic information such as automation rules and device attributes to generate hypothetical correlations and then test them using collected event logs. The accepted correlations are then applied to the real-time events stream which can raise alarms when there is violation. We build a prototype anomaly detection system and evaluate it on four real-world testbeds. The evaluation results show that the accuracies are higher than 97%. In another work, we design an audio adversarial examples (AEs) detection system that can protect any system that uses audio speech recognition (ASR), such as smart speakers. We observe that existing audio AEs cannot transfer among different speech recognition model. Based on this observation, we propose to apply multiple speech recognition models to an input audio samples concurrently and detect AEs as those have inconsistent transcripts. We evaluate the our prototype detector on 1,125 benign audio samples and 1,125 AE samples. The results show an detection accuracy of over 98%. We conduct detailed investigation of IoT messaging protocols. We discover a new vulnerability of the IoT message timeout handling mechanism that broadly affects a large number of IoT devices and is not due to implementation flaws. We summarize our discovery as two attack primitives that can stealthily delay event and command messages, respectively. Further, we build three types of attacks based on them, which can manipulate the execution of automation rules to trigger erroneous actions or disable actions of safety-critical devices. We extensively evaluate the vulnerability on 50 IoT devices (belonging to 8 types) construct 11 proof-of-concept attacking cases that are collected from real-world user forums. The results show the effectiveness of the attack. We have reported the discovered vulnerability to major IoT vendors, including Apple, Google, Amazon, Ring, SmartThings, and SimpliSafe, and some vendors have discussed their counter measurements. We also develop a blockchain-assisted distributed relay sharing scheme for smart home IoT systems. The scheme can effectively resolve the single points of failure (SPOF) problem of existing cloud based service architecture and prevent malicious behaviors through financial punishment.
    ADA compliance
    For Americans with Disabilities Act (ADA) accommodation, including help with reading this content, please contact scholarshare@temple.edu
    Collections
    Theses and Dissertations

    entitlement

     
    DSpace software (copyright © 2002 - 2022)  DuraSpace
    Temple University Libraries | 1900 N. 13th Street | Philadelphia, PA 19122
    (215) 204-8212 | scholarshare@temple.edu
    Open Repository is a service operated by 
    Atmire NV
     

    Export search results

    The export option will allow you to export the current search results of the entered query to a file. Different formats are available for download. To export the items, click on the button corresponding with the preferred download format.

    By default, clicking on the export buttons will result in a download of the allowed maximum amount of items.

    To select a subset of the search results, click "Selective Export" button and make a selection of the items you want to export. The amount of items that can be exported at once is similarly restricted as the full export.

    After making a selection, click one of the export format buttons. The amount of items that will be exported is indicated in the bubble next to export format.