Effective Security Schemes for Smart Home Internet of Things

Abstract

Recent advancements in low-cost and low-power hardware facilitate the prevalence of Internet of Things (IoT) to be adopted in various smart environments. Although our works mainly take the smart home as the target application scenario, they can be easily applied to other smart environments such as smart office and industry. These devices and systems bring higher-level context sensing capability and enable intelligent and autonomous actions. However, these advantages are greatly undermined by concerns over the systems’ security issues. Due to constraints on cost, power, and size, a large number of high-risk vulnerabilities of IoT/CPS (Cyber Physical System) systems are being discovered every year, which allow attackers to exploit them and expand their attacks from cyberspace to the physical world and causes severe damages. To cope with these emerging threats, we systematically investigate constituent components of IoT systems. Based on our exploration, we reveal new vulnerabilities and propose effective defense and detection mechanisms. In one work, we propose a novel semantic-aware anomaly detection scheme for smart home IoT systems, which provides timely anomaly alerts with a very low false alarm rate. In this scheme, we innovatively present the inter-device correlations as a uniform representation for profiling normal behaviors of smart home IoT systems. We utilize semantic information such as automation rules and device attributes to generate hypothetical correlations and then test them using collected event logs. The accepted correlations are then applied to the real-time events stream which can raise alarms when there is violation. We build a prototype anomaly detection system and evaluate it on four real-world testbeds. The evaluation results show that the accuracies are higher than 97%. In another work, we design an audio adversarial examples (AEs) detection system that can protect any system that uses audio speech recognition (ASR), such as smart speakers. We observe that existing audio AEs cannot transfer among different speech recognition model. Based on this observation, we propose to apply multiple speech recognition models to an input audio samples concurrently and detect AEs as those have inconsistent transcripts. We evaluate the our prototype detector on 1,125 benign audio samples and 1,125 AE samples. The results show an detection accuracy of over 98%. We conduct detailed investigation of IoT messaging protocols. We discover a new vulnerability of the IoT message timeout handling mechanism that broadly affects a large number of IoT devices and is not due to implementation flaws. We summarize our discovery as two attack primitives that can stealthily delay event and command messages, respectively. Further, we build three types of attacks based on them, which can manipulate the execution of automation rules to trigger erroneous actions or disable actions of safety-critical devices. We extensively evaluate the vulnerability on 50 IoT devices (belonging to 8 types) construct 11 proof-of-concept attacking cases that are collected from real-world user forums. The results show the effectiveness of the attack. We have reported the discovered vulnerability to major IoT vendors, including Apple, Google, Amazon, Ring, SmartThings, and SimpliSafe, and some vendors have discussed their counter measurements. We also develop a blockchain-assisted distributed relay sharing scheme for smart home IoT systems. The scheme can effectively resolve the single points of failure (SPOF) problem of existing cloud based service architecture and prevent malicious behaviors through financial punishment.