Daniel J. Dubois

Vadim Safronov, Anna Maria Mandalari, Daniel J. Dubois et al.

With an increasing number of Internet of Things (IoT) devices present in homes, there is a rise in the number of potential information leakage channels and their associated security threats and privacy risks. Despite a long history of attacks on IoT devices in unprotected home networks, the problem of accurate, rapid detection and prevention of such attacks remains open. Many existing IoT protection solutions are cloud-based, sometimes ineffective, and might share consumer data with unknown third parties. This paper investigates the potential for effective IoT threat detection locally, on a home router, using AI tools combined with classic rule-based traffic-filtering algorithms. Our results show that with a slight rise of router hardware resources caused by machine learning and traffic filtering logic, a typical home router instrumented with our solution is able to effectively detect risks and protect a typical home IoT network, equaling or outperforming existing popular solutions, without any effects on benign IoT functionality, and without relying on cloud services and third parties.

Narmeen Shafqat, Daniel J. Dubois, David Choffnes et al.

Zigbee is an energy-efficient wireless IoT protocol that is increasingly being deployed in smart home settings. In this work, we analyze the privacy guarantees of Zigbee protocol. Specifically, we present ZLeaks, a tool that passively identifies in-home devices or events from the encrypted Zigbee traffic by 1) inferring a single application layer (APL) command in the event's traffic, and 2) exploiting the device's periodic reporting pattern and interval. This enables an attacker to infer user's habits or determine if the smart home is vulnerable to unauthorized entry. We evaluated ZLeaks' efficacy on 19 unique Zigbee devices across several categories and 5 popular smart hubs in three different scenarios; controlled RF shield, living smart-home IoT lab, and third-party Zigbee captures. We were able to i) identify unknown events and devices (without a-priori device signatures) using command inference approach with 83.6% accuracy, ii) automatically extract device's reporting signatures, iii) determine known devices using the reporting signatures with 99.8% accuracy, and iv) identify APL commands in a public capture with 91.2% accuracy. In short, we highlight the trade-off between designing a low-power, low-cost wireless network and achieving privacy guarantees. We have also released ZLeaks tool for the benefit of the research community.

Anna Maria Mandalari, Roman Kolcun, Hamed Haddadi et al.

The consumer Internet of Things (IoT) space has experienced a significant rise in popularity in the recent years. From smart speakers, to baby monitors, and smart kettles and TVs, these devices are increasingly found in households around the world while users may be unaware of the risks associated with owning these devices. Previous work showed that these devices can threaten individuals' privacy and security by exposing information online to a large number of service providers and third party analytics services. Our analysis shows that many of these Internet connections (and the information they expose) are neither critical, nor even essential to the operation of these devices. However, automatically separating out critical from non-critical network traffic for an IoT device is nontrivial, and requires expert analysis based on manual experimentation in a controlled setting. In this paper, we investigate whether it is possible to automatically classify network traffic destinations as either critical (essential for devices to function properly) or not, hence allowing the home gateway to act as a selective firewall to block undesired, non-critical destinations. Our initial results demonstrate that some IoT devices contact destinations that are not critical to their operation, and there is no impact on device functionality if these destinations are blocked. We take the first steps towards designing and evaluating IoTrimmer, a framework for automated testing and analysis of various destinations contacted by devices, and selectively blocking the ones that do not impact device functionality.