Conference PaperPDF Available

A digital forensics framework for smart settings: poster

Authors:
Leonardo Babun at Florida International University
Leonardo Babun
Amit Kumar Sikder at Georgia Institute of Technology
Amit Kumar Sikder
Abbas Acar at Florida International University
Abbas Acar
Selcuk Uluagac at Florida International University
Selcuk Uluagac
Download full-text PDFDownload full-text PDF
Read full-text
Download citation

Abstract

Users utilize IoT devices and sensors in a co-operative manner to enable the concept of a smart environment. This integration generate data with high forensic value. Nonetheless, current smart app programming platforms do not provide any digital forensics capability to identify, trace, store, and analyze the data produced in these settings. To overcome these limitations, in this poster, we present our ongoing work to introduce a novel digital forensic framework for a smart environment.
5cee0419a6fdcc18c8e97a
13.pdf
Content uploaded by Amit Kumar Sikder
Author content
All content in this area was uploaded by Amit Kumar Sikder on May 29, 2019
Content may be subject to copyright.
p332-bab
un.pdf
Content uploaded by Amit Kumar Sikder
Author content
All content in this area was uploaded by Amit Kumar Sikder on May 29, 2019
Content may be subject to copyright.
POSTER: A Digital Forensics Framework for Smart Seings
(Extended Abstract)
Leonardo Babun, Amit K. Sikder, Abbas Acar, and A. Selcuk Uluagac
{lbabu002,asikd003,aacar001,suluagac}@u.edu
Cyber-Physical Systems Security Lab (CSL),
Florida International University
Miami, Florida
ABSTRACT
Users utilize IoT devices and sensors in a co-operative manner
to enable the concept of a smart environment. This integration
generate data with high forensic value. Nonetheless, current smart
app programming platforms do not provide any digital forensics
capability to identify, trace, store, and analyze the data produced
in these settings. To overcome these limitations, in this poster, we
present our ongoing work to introduce a novel digital forensic
framework for a smart environment.
KEYWORDS
Forensic Analysis, Internet of Things, Smart Settings, App Instru-
mentation, Machine Learning
ACM Reference Format:
Leonardo Babun, Amit K. Sikder, Abbas Acar, and A. Selcuk Uluagac. 2019.
POSTER: A Digital Forensics Framework for Smart Settings (Extended
Abstract). In 12th ACM Conference on Security and Privacy in
Wireless and Mobile Networks (WiSec ’19), May 15–17, 2019,
Miami, FL, USA. ACM, New York, NY, USA, 2 pages. https:
//doi.org/10.1145/3317549.3326317
1 INTRODUCTION
The Internet of Things (IoT) has quickly evolved as a network of
Internet-enabled physical devices. These IoT devices communicate
with each other and interact with the users’ daily activities through
sensors. In general, IoT devices, which are controlled and managed
via smart apps, sense the users’ activities to change the general state
of the surroundings based on (1) what the users do, (2) the smart
environment setup policies, and (3) the state of the devices [
1
]. The
interaction between devices and users in this settings generates
data with tremendous forensic value [
5
,
7
,
9
]. Nonetheless, current
IoT programming platforms do not provide any means for forensic
analysis nor the mechanisms to access and indenitely store IoT
data in the cloud [3, 4, 8].
To overcome these limitations, in this poster, we present our
ongoing work to introduce a novel digital forensic framework for
smart settings. Our framework has two main components: Modier
(ITM) and Analyzer (ITA). The ITM analyzes smart applications to
detect forensically-relevant information inside the apps. Then, the
smart apps are instrumented by inserting specic logs that send the
forensic data to a secure Database (ITD) at runtime. Later, in the
Permission to make digital or hard copies of part or all of this work for personal or
classroom use is granted without fee provided that copies are not made or distributed
for prot or commercial advantage and that copies bear this notice and the full citation
on the rst page. Copyrights for third-party components of this work must be honored.
For all other uses, contact the owner/author(s).
WiSec ’19, May 15–17, 2019, Miami, FL, USA
©2019 Copyright held by the owner/author(s).
ACM ISBN 978-1-4503-6726-4/19/05. . . $15.00
https://doi.org/10.1145/3317549 .3326317
case of a forensics investigation, the ITA applies data processing
and machine learning techniques on the ITD data to learn the
overall state of the smart environment. Our initial experimental
results demonstrate that the proposed framework achieves high
accuracy in inferring both time-dependent and time-independent
user activities and forensic behaviors.
2 PROPOSED ARCHITECTURE
Figure 1 depicts the general architecture of the proposed digital
forensics framework. First, the user downloads the original smart
app source from one of the freely available online repositories
1
.
Then, the ITM automatically analyzes and instruments the smart
app to insert forensic logs and enable the collection of forensically-
relevant data
2
. In general, the ITM process involves (1) the analy-
sis of the source code of the smart apps [
2
,
6
] and (2) the smart app
instrumentation. Then, at runtime, the modied apps send forensic
logs to the ITD 3.
Later, in the event of a forensics investigation, the ITA performs
data processing and applies machine learning techniques on the col-
lected data
4
. The purpose of this analysis is to extract forensically-
relevant information from the acquired logs. Ultimately, the frame-
work matches the inferred activities with the security policies de-
ned for the smart environment. From here, the framework is able
to detect anomalous activities from the users interacting with the
smart environment and potential malicious behaviors from users
and smart apps
5
. In the following, we describe essential aspects
of these operations.
Modier (ITM)
This part of the framework automatically analyzes
the source code from the original smart applications and ags
forensically-relevant points. Then, it automatically inserts specic
code to enable the logging of the forensic data at runtime. The
rst step toward analyzing the smart app source code is to model
the application’s structure. The benets from modeling the smart
app include the extraction of smart apps’ entry points, events, and
control ow of data.
Analyzer (ITA)
The ITD stores logs obtained from smart apps
at runtime so the information from events and actions in a smart
environment can be used later for forensic purposes. The proposed
framework implements an ITA that executes the following actions
on the ITD data.
Labeling: This step classies and stamps the data in the ITD.
Detection: The proposed framework is capable of not only labeling
the logs based on forensic criteria, but also analyzing the data to
infer user activity and detect forensic behavior of users, smart
apps, and devices.
Device Cooperation: The forensics framework is capable of detect-
ing tampered devices based on the analysis of collected logs from
multiple devices. We call this process device cooperation. During
device cooperation analysis, if one device is compromised or
tampered, the information collected from other trusted devices
332
Smart App Cloud Backend
IOTDOTS-modified
Smart App
Device Handlers
Events
Actions
Smart Environment
Smart App Repository
Modifier (ITM)
Source Code Analysis
Forensically-relevant Points
Smart App Instrumentation
1
2
34
Analyzer (ITA)
User Activity Inference
Forensic Behavior
Security Policies
Forensic Decision
Secure Database
5
Figure 1: Overview of the proposed framework for enabling forensics analysis in the smart environment.
1 2 3 4 5 6 7 8 9 10
Number of Users
50
60
70
80
90
100
Accuracy (%)
Forensic Activity-1
Forensic Activity-2
Forensic Activity-3
Forensic Activity-4
Forensic Activity-5
Figure 2: Some preliminary results that demonstrate the e-
cacy of the proposed framework in inferring user activities
inside the smart environment.
that share similar types of data logs is analyzed to detect the one
reporting fake or unexpected data.
Multi-class Approach: We utilize a multi-class classication ap-
proach to infer dierent forensic activities and behaviors in the
smart environment.
3 IMPLEMENTATION AND INITIAL RESULTS
We implemented the proposed forensics framework in a Samsung
SmartThings-supported smart environment to test its performance.
Figure 2 shows the accuracy of the framework in inferring user
activities in scenarios with multiple users. One can observe how
the accuracy values decrease with the increment of the number of
users. For time-independent activities (i.e., Activity-1 and Activity-
2), the framework achieves accuracy in the range between 98% to
95%. For time-dependent activities (i.e., Activity-3, Activity-4, and
Activity-5), the accuracy varies in the range between 96% to 86%,
as the number of users increases.
4 CONCLUSIONS
We introduced an ongoing research work that proposes a novel
framework used to extract forensically-relevant logs from the smart
environment. Preliminary results demonstrate that the proposed
framework is highly eective.
5 ACKNOWLEDGMENTS
This work is partially supported by the US National Science Foun-
dation (Awards: NSF-CAREER-CNS-1453647, NSF-1663051) and
Florida Center for Cybersecurity’s Capacity Building Program. Any
opinions, ndings, and conclusions or recommendations expressed
in this material are those of the authors and do not necessarily
reect the views of the funding agencies.
REFERENCES
[1]
H. Aksu, L. Babun, M. Conti, G. Tolomei, and A. S. Uluagac. 2018. Advertising in
the IoT Era: Vision and Challenges. IEEE Communications Magazine (2018), 1–7.
https://doi.org/10.1109/MCOM .2017.1700871
[2]
Z. Berkay Celik, Leonardo Babun, Amit Kumar Sikder, Hidayet Aksu, Gang Tan,
Patrick McDaniel, and A. Selcuk Uluagac. 2018. Sensitive Information Track-
ing in Commodity IoT. In 27th USENIX Security Symposium (USENIX Security
18). USENIX Association, Baltimore, MD. https://www
.
usenix
.
org/conference/
usenixsecurity18/presentation/celik
[3]
Sudhir Chitnis, Neha Deshpande, and Arvind Shaligram. 2016. An investigative
study for smart home security: Issues, challenges and countermeasures. Wireless
Sensor Network (2016), 61.
[4]
Malware found in surveillance cameras sold through Amazon. 2017.
https://www
.
techworm
.
net/2016/04/malware-found- surveillance-cameras-
sold-amazon.html. [Online; accessed 10-January-2018].
[5]
Sukhvir Notra, Muhammad Siddiqi, Hassan Habibi Gharakheili, Vijay Sivaraman,
and Roksana Boreli. 2014. An experimental study of security and privacy risks
with emerging household appliances. In Communications and Network Security
(CNS), 2014 IEEE Conference on. IEEE, 79–84.
[6]
SaINT Project, L. Babun, Z. Berkay Celik and A. Kumar Sikder. [n. d.]. http:
//saint-project.appspot.com/. [Online; accessed August-2018].
[7]
Amit Kumar Sikder, Hidayet Aksu, and A. Selcuk Uluagac. 2017. 6thSense: A
Context-aware Sensor-based Attack Detector for Smart Devices. In USENIX Secu-
rity.
[8]
SmartThings Logging, Matt J Frank. [n. d.]. https://github
.
com/krlaframboise/
SmartThings/blob/
\
master/smartapps/krlaframboise/simple-event- logger
.
src/
simple-event- logger.groovy. [Online; accessed May-2018].
[9]
Biljana L Risteska Stojkoska and Kire V Trivodaliev. 2017. A review of Internet of
Things for smart home: Challenges and solutions. Journal of Cleaner Production
140 (2017), 1454–1464.
333
... Babun et al. [134], [135], proposed their IoTDots model that automatically analyzes and modifies smart applications to detect and store forensically-relevant information inside the apps. The framework consists of two main components: Modifier (ITM) and Analyzer (ITA). ...
A Survey on the Internet of Things (IoT) Forensics: Challenges, Approaches and Open Issues
Article
Full-text available
  • Jan 2020
Today is the era of the Internet of Things (IoT). The recent advances in hardware and information technology have accelerated the deployment of billions of interconnected, smart and adaptive devices, in critical infrastructures like health, transportation, environmental control and home automation. Transferring data over a network without requiring any kind of human-to-computer or human-to-human interaction, brings reliability and convenience to consumers, but also opens a new world of opportunity for intruders, and introduces a whole set of unique and complicated questions to the field of Digital Forensics. Although IoT data could be a rich source of evidence, forensics professionals cope with diverse problems, starting from the huge variety of IoT devices and non-standard formats, to the multi-tenant cloud infrastructure and the resulting multi-jurisdictional litigations. A further challenge is the end-to-end encryption which represents a trade-off between users’ right to privacy and the success of the forensics investigation. Due to its volatile nature, digital evidence has to be acquired and analysed using validated tools and techniques that ensure the maintenance of the Chain of Custody. Therefore, the purpose of this paper is to identify and discuss the main issues involved in the complex process of IoT-based investigations, particularly all legal, privacy and cloud security challenges. Furthermore, this work provides an overview of the past and current theoretical models in the digital forensics science. Special attention is paid to frameworks that aim to extract data in a privacy-preserving manner or secure the evidence integrity using decentralized blockchain-based solutions. In addition, the present paper addresses the ongoing Forensics-as-a-Service (FaaS) paradigm, as well as some promising cross-cutting data reduction and forensics intelligence techniques. Finally, several other research trends and open issues are presented, with emphasis on the need for proactive Forensics Readiness strategies and generally agreed-upon standards.
View
SmartPatch: Verifying the Authenticity of the Trigger-Event in the IoT Platform
Article
Full-text available
  • Jan 2022
Emerging IoT clouds are playing a more important role in modern lives, enabling users/developers to program applications to make better use of smart devices. However, preliminary research has shown IoT cloud vulnerabilities could expose IoT users to security risks. To better understand the problem, we studied the SmartThings cloud, one of the most popular IoT cloud platforms that support user-defined device automation (SmartApps). Specifically, we found new vulnerabilities in SmartThings that allow attackers to fake events to trigger the SmartApps to operate devices (e.g., open a lock). Exploiting such vulnerabilities, we successfully faked 7 different types of events, which impact 138 (out of 187) SmartThings official open-sourced SmartApps. To defeat such attacks, we propose an authenticity-verification-based scheme to deny fake events. Moreover, we designed a tool, SmartPatch, to help users secure their SmartThings systems. In specific, SmartPatch automatically patches the vulnerable SmartApps and Device Handlers (input) and outputs the flawless programs, which are ready for users to deploy in their SmartThings systems. We have made SmartPatch publicly available. With the help of SmartPatch, we patched all the vulnerable SmartThings official open-sourced programs (146 SmartApps and 321 Device Handlers). Experiments have shown the compatibility, effectiveness, and efficiency of our proposed approach.
View
IoT Forensics: Interconnection and Sensing Frameworks
Chapter
  • Mar 2022
The chapter then sheds light on various investigative models, frameworks, and protocols used by digital forensic investigators (DFIs) around the world. The field of IoT forensics is dynamic and developing every day. But most DFIs lack the required technical knowledge to deal with the cases when such need arises. Also, the manufacturing standards of the IoT devices vary from manufacturer to manufacturer. Therefore, researchers and experts are constantly working together to come up with an investigative framework that could be used as a standard of operation. Some of those frameworks have been discussed further in the chapter.
View
View
A Systematic Literature Review on Forensics in Cloud, IoT, AI & Blockchain
Chapter
  • Feb 2022
In the growing diversified software applications, cybersecurity plays a vital role in preserving and avoiding the loss of data in terms of money, knowledge, and assets of businesses and individuals. The Internet of Things and cloud computing are nowadays the integral part of most software applications that assist in acquiring and storing data seamlessly. It provides the convenience of accessibility for the end-user like home automation, storage of huge streams of data, giving elasticity for increasing or decreasing the volume of data. When it comes to decentralized behavior, applications need to be transformed into blockchain technology. Blockchain technology offers value-added features to applications in terms of enhanced security and easier traceability. The blockchain’s unchangeable and incorruptible nature protects it from tampering and hacking. Forensics requires the collection, preservation, and analysis of digital evidence. Artificial Intelligence is predominant in many areas and momentum is gaining to utilize it in the field of forensics. This chapter reviews the application of forensics using Artificial Intelligence in the field of Cloud computing, IoT, and Blockchain Technology. To fulfill the study’s goal, a systematic literature review (SLR) was done. By manually searching six (6) well-known databases, documents were extracted. Based on the study topic, thirty three (33) primary studies were eventually considered. The study also discovered that (1) highlights several well-known challenges and open-Issues in IoT forensics research, as it is dependent on other technologies and is crucial when considering an end-to-end IoT application as an integrated environment with cloud and other technologies. (2) There has been less research dedicated to the use of AI in the field of forensics. (3) Contributions on forensic analysis of attacks in blockchain-based systems is not found.KeywordsForensicsCloud computingBlockchain technologyProvenanceIOTAIMachine learning
View
Cross-Layer Learning: A Deep Learning-Based Forensic Framework for IoT Systems
Chapter
Full-text available
  • Nov 2021
Deep learning-based investigation mechanisms are available for conventional forensics, but not for IoT Forensics. Dividing the system into different layers according to their functionalities, collecting data from each layer, finding the correlating factor, and using it for pattern detection is the fundamental concept behind the proposed intelligent system. We utilize this notion for embedding intelligence in forensics and speed up the investigation process by providing hints to the examiner. We propose a novel Cross-Layer Learning Architecture (CCLA) for IoT Forensics. To the best of our knowledge, this is the first attempt to incorporate deep learning into the forensics of the IoT Ecosystem
View
View
Real-time Analysis of Privacy-(un)aware IoT Applications
Article
Full-text available
  • Jan 2021
Users trust IoT apps to control and automate their smart devices. These apps necessarily have access to sensitive data to implement their functionality. However, users lack visibility into how their sensitive data is used, and often blindly trust the app developers. In this paper, we present IoTWATcH, a dynamic analysis tool that uncovers the privacy risks of IoT apps in real-time. We have designed and built IoTWATcH through a comprehensive IoT privacy survey addressing the privacy needs of users. IoTWATCH operates in four phases: (a) it provides users with an interface to specify their privacy preferences at app install time, (b) it adds extra logic to an app’s source code to collect both IoT data and their recipients at runtime, (c) it uses Natural Language Processing (NLP) techniques to construct a model that classifies IoT app data into intuitive privacy labels, and (d) it informs the users when their preferences do not match the privacy labels, exposing sensitive data leaks to users. We implemented and evaluated IoTWATcH on real IoT applications. Specifically, we analyzed 540 IoT apps to train the NLP model and evaluate its effectiveness. IoTWATcH yields an average 94.25% accuracy in classifying IoT app data into privacy labels with only 105 ms additional latency to an app’s execution.
View
Proactive Forensics in IoT: Privacy-Aware Log-Preservation Architecture in Fog-Enabled-Cloud Using Holochain and Containerization Technologies
Article
Full-text available
  • Jul 2020
Collecting and preserving the smart environment logs connected to cloud storage is challenging due to the black-box nature and the multi-tenant cloud models which can pervade log secrecy and privacy. The existing work for log secrecy and confidentiality depends on cloud-assisted models, but these models are prone to multi-stakeholder collusion problems. This study proposes 'PLAF,' a holistic and automated architecture for proactive forensics in the Internet of Things (IoT) that considers the security and privacy-aware distributed edge node log preservation by tackling the multi-stakeholder issue in a fog enabled cloud. We have developed a test-bed to implement the specification, as mentioned earlier, by incorporating many state-of-the-art technologies in one place. We used Holochain to preserve log integrity, provenance, log verifiability, trust admissibility, and ownership non-repudiation. We introduced the privacy preservation automation of log probing via non-malicious command and control botnets in the container environment. For continuous and robust integration of IoT microservices, we used docker containerization technology. For secure storage and session establishment for logs validation, Paillier Homomorphic Encryption, and SSL with Curve25519 is used respectively. We performed the security and performance analysis of the proposed PLAF architecture and showed that, in stress conditions, the automatic log harvesting running in containers gives a 95% confidence interval. Moreover, we show that log preservation via Holochain can be performed on ARM-Based architectures such as Raspberry Pi in a very less amount of time when compared with RSA and blockchain.
View
Aegis: a context-aware security framework for smart home systems
Conference Paper
Full-text available
  • Dec 2019
Our everyday lives are expanding fast with the introduction of new Smart Home Systems (SHSs). Today, a myriad of SHS devices and applications are widely available to users and have already started to re-define our modern lives. Smart home users utilize the apps to control and automate such devices. Users can develop their own apps or easily download and install them from vendor-specific app markets. App-based SHSs offer many tangible benefits to our lives, but also unfold diverse security risks. Several attacks have already been reported for SHSs. However, current security solutions consider smart home devices and apps individually to detect malicious actions rather than the context of the SHS as a whole. The existing mechanisms cannot capture user activities and sensor-device-user interactions in a holistic fashion. To address these issues, in this paper, we introduce Aegis, a novel context-aware security framework to detect malicious behavior in a SHS. Specifically, Aegis observes the states of the connected smart home entities (sensors and devices) for different user activities and usage patterns in a SHS and builds a contextual model to differentiate between malicious and benign behavior. We evaluated the efficacy and performance of Aegis in multiple smart home settings (i.e., single bedroom, double bedroom, duplex) with real-life users performing day-to-day activities and real SHS devices. We also measured the performance of Aegis against five different malicious behaviors. Our detailed evaluation shows that Aegis can detect malicious behavior in SHS with high accuracy (over 95%) and secure the SHS regardless of the smart home layout, device configuration, installed apps, and enforced user policies. Finally, Aegis achieves minimum overhead in detecting malicious behavior in SHS, ensuring easy deployability in real-life smart environments.
View
Sensitive Information Tracking in Commodity IoT
Article
Full-text available
  • Feb 2018
Broadly defined as the Internet of Things (IoT), the growth of commodity devices that integrate physical processes with digital connectivity has had profound effects on society--smart homes, personal monitoring devices, enhanced manufacturing and other IoT apps have changed the way we live, play, and work. Yet extant IoT platforms provide few means of evaluating the use (and potential avenues for misuse) of sensitive information. Thus, consumers and organizations have little information to assess the security and privacy risks these devices present. In this paper, we present SainT, a static taint analysis tool for IoT applications. SainT operates in three phases; (a) translation of platform-specific IoT source code into an intermediate representation (IR), (b) identifying sensitive sources and sinks, and (c) performing static analysis to identify sensitive data flows. We evaluate SainT on 230 SmartThings market apps and find 138 (60%) include sensitive data flows. In addition, we demonstrate SainT on IoTBench, a novel open-source test suite containing 19 apps with 27 unique data leaks. Through this effort, we introduce a rigorously grounded framework for evaluating the use of sensitive information in IoT apps---and therein provide developers, markets, and consumers a means of identifying potential threats to security and privacy.
View
Advertising in the IoT Era: Vision and Challenges
Article
Full-text available
  • Jan 2018
The Internet of Things (IoT) extends the idea of interconnecting computers to a plethora of different devices, collectively referred to as smart devices. These are physical items - i.e., "things" - such as wearable devices, home appliances, and vehicles, enriched with computational and networking capabilities. Due to the huge set of devices involved - and therefore, its pervasiveness - IoT is a great platform to leverage for building new applications and services or extending existing ones. In this regard, expanding online advertising into the IoT realm is an under-investigated yet promising research direction, especially considering that traditional Internet advertising market is already worth hundreds of billions of dollars. In this paper, we first propose the architecture of an IoT advertising platform inspired by the well-known business ecosystem, which the traditional Internet advertising is based on. Additionally, we discuss the key challenges to implement such a platform with a special focus on issues related to architecture, advertisement content delivery, security, and privacy of the users.
View
6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices
Article
Full-text available
  • Jun 2017
Sensors (e.g., light, gyroscope, accelerotmeter) and sensing enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor API. In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users' sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this paper, we propose 6thSense, a context-aware intrusion detection system which enhances the security of smart devices by observing changes in sensor data for different tasks of users and creating a contextual model to distinguish benign and malicious behavior of sensors. 6thSense utilizes three different Machine Learning-based detection mechanisms (i.e., Markov Chain, Naive Bayes, and LMT) to detect malicious behavior associated with sensors. We implemented 6thSense on a sensor-rich Android smart device (i.e., smartphone) and collected data from typical daily activities of 50 real users. Furthermore, we evaluated the performance of 6thSense against three sensor-based threats: (1) a malicious App that can be triggered via a sensor (e.g., light), (2) a malicious App that can leak information via a sensor, and (3) a malicious App that can steal data using sensors. Our extensive evaluations show that the 6thSense framework is an effective and practical approach to defeat growing sensor-based threats with an accuracy above 96% without compromising the normal functionality of the device. Moreover, our framework costs minimal overhead.
View
6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices
Conference Paper
Full-text available
  • Aug 2017
Sensors (e.g., light, gyroscope, accelerometer) and sensing enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor API. In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users’ sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this paper, we propose 6thSense, a context-aware intrusion detection system which enhances the security of smart devices by observing changes in sensor data for different tasks of users and creating a contextual model to distinguish benign and malicious behavior of sensors. 6thSense utilizes three different Machine Learning-based detection mechanisms (i.e., Markov Chain, Naive Bayes, and LMT) to detect malicious behavior associated with sensors. We implemented 6thSense on a sensor-rich Android smart device (i.e., smartphone) and collected data from typical daily activities of 50 real users. Furthermore, we evaluated the performance of 6thSense against three sensor-based threats: (1) a malicious App that can be triggered via a sensor (e.g., light), (2) a malicious App that can leak information via a sensor, and (3) a malicious App that can steal data using sensors. Our extensive evaluations show that the 6thSense framework is an effective and practical approach to defeat growing sensor-based threats with an accuracy above 96% without compromising the normal functionality of the device. Moreover, our framework costs minimal overhead.
View
An Investigative Study for Smart Home Security: Issues, Challenges and Countermeasures
Article
Full-text available
  • Jan 2016
Home security should be a top concern for everyone who owns or rents a home. Moreover, safe and secure residential space is the necessity of every individual as most of the family members are working. The home is left unattended for most of the day-time and home invasion crimes are at its peak as constantly monitoring of the home is difficult. Another reason for the need of home safety is specifically when the elderly person is alone or the kids are with baby-sitter and servant. Home security system i.e. HomeOS is thus applicable and desirable for resident’s safety and convenience. This will be achieved by turning your home into a smart home by intelligent remote monitoring. Smart home comes into picture for the purpose of controlling and monitoring the home. It will give you peace of mind, as you can have a close watch and stay connected anytime, anywhere. But, is common man really concerned about home security? An investigative study was done by conducting a survey to get the inputs from different people from diverse backgrounds. The main motivation behind this survey was to make people aware of advanced HomeOS and analyze their need for security. This paper also studied the necessity of HomeOS investigative study in current situation where the home burglaries are rising at an exponential rate. In order to arrive at findings and conclusions, data were analyzed. The graphical method was employed to identify the relative significance of home security. From this analysis, we can infer that the cases of having kids and aged person at home or location of home contribute significantly to the need of advanced home security system. At the end, the proposed system model with its flow and the challenges faced while implementing home security systems are also discussed.
View
An Experimental Study of Security and Privacy Risks with Emerging Household Appliances
Conference Paper
Full-text available
  • Oct 2014
Smart household appliances, ranging from light-bulbs and door-locks to power switches and smoke-alarms, are rapidly emerging in the marketplace, with predictions that over 2 billion devices will be installed within the next four years. However, security implementations vary widely across these devices, while privacy implications are unclear to users. In this paper we dissect the behavior of a few household devices, specifically the Phillips Hue light-bulb, the Belkin WeMo power switch, and the Nest smoke-alarm, and highlight the ease with which security and privacy can be compromised. We then propose a new solution to protect such devices by restricting access at the network-level. Our solution does not require changes from device manufacturers, reduces burden on the end-users, and allows security to be offered as an overlay service by the ISP or from a specialist provider in the cloud.
View
View
An investigative study for smart home security: Issues challenges and countermeasures. Wireless Sensor Network (2016) 61. Sudhir Chitnis Neha Deshpande and Arvind Shaligram. 2016. An investigative study for smart home security: Issues challenges and countermeasures
  • Neha Sudhir Chitnis
  • Arvind Deshpande
  • Shaligram