Corpus ID: 237492034

Towards Practical Integrity in the Smart Home with HomeEndorser

Authors: Kaushal Kafle, Kirti Jagtap, Mansoor Ahmed-Rengers, Trent Jaeger, Adwait Nadkarni

Home automation in modern smart home platforms is often facilitated using trigger-action routines. While such routines enable flexible automation, they also lead to an instance of the integrity problem in these systems: untrusted third parties may use platform APIs to modify the abstract home objects (AHOs) that privileged, high-integrity devices such as security cameras rely on (i.e., as triggers), thereby transitively attacking them. As most accesses to AHOs are legitimate, removing the…

Security in Centralized Data Store-based Home Automation Platforms
This article describes a systematic security evaluation of two popular smart home platforms, Google’s Nest platform and Philips Hue, which implement home automation “routines” (i.e., trigger-action programs involving apps and devices) via manipulation of state variables in a centralized data store.
A Study of Data Store-based Home Automation
A systematic security evaluation of two popular smart home platforms that implement home automation "routines" via manipulation of state variables in a centralized data store draws attention to the unique security challenges of platforms that execute routines via centralized data stores, and highlights the importance of enforcing security by design in emerging home automation platforms.
Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses
The design and implementation of Hεlion is described, a framework that generates natural home automation scenarios by identifying the regularities in user-driven home automation sequences, which are in turn generated from routines created by end-users.
Tyche: A Risk-Based Permission Model for Smart Homes
Tyche, a secure development methodology that leverages the risk-asymmetry in physical device operations to limit the risk that apps pose to smart home users, without increasing the user's decision overhead, is presented.
SmartAuth: User-Centered Authorization for the Internet of Things
The technique, called SmartAuth, automatically collects security-relevant information from an IoT app’s description, code and annotations, and generates an authorization user interface to bridge the gap between the functionalities explained to the user and the operations the app actually performs.
Peeves: Physical Event Verification in Smart Homes
The goal of this paper is to verify physical events using data from an ensemble of sensors that are commonly found in smart homes, and shows that even a strong opportunistic attacker is inherently limited to spoofing few select events and that doing so involves lengthy waiting periods.
Fear and Logging in the Internet of Things
This work presents ProvThings, a platform-centric approach to centralized auditing in the Internet of Things, which performs efficient automated instrumentation of IoT apps and device APIs in order to generate data provenance that provides a holistic explanation of system activities, including malicious behaviors.
Situational Access Control in the Internet of Things
This work designs and implements a new approach to IoT access control and introduces "environmental situation oracles" (ESOs) as first-class objects in the IoT ecosystem, which reduces inefficiency, supports consistent enforcement of common policies, and reduces overprivileging.
Security Analysis of Emerging Smart Home Applications
This paper analyzed Samsung-owned SmartThings, which has the largest number of apps among currently available smart home platforms, and supports a broad range of devices including motion sensors, fire alarms, and door locks, and discovered two intrinsic design flaws that lead to significant overprivilege in SmartApps.
AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings
This work implements the AWare authorization framework for Android, extending the Android Middleware to control access to privacy-sensitive sensors, and proposes to bind applications’ operation requests to the associated user input events and how they were obtained explicitly, enabling users to authorize operations on privacy-sensitive sensors unambiguously and reuse such authorizations.