how risky are real users ifttt applets
play

How Risky Are Real Users IFTTT Applets? Camille Cobb ( - PowerPoint PPT Presentation

May 26, 2023 •226 likes •399 views

How Risky Are Real Users IFTTT Applets? Camille Cobb ( @camPossible) , Milijana Surbatovich, Anna Kawakami, Mahmood Sharif, Lujo Bauer, Anupam Das, Limin Jia Smart-home devices can lead to risks End-User Programming 2 Smart-home devices

  1. How Risky Are Real Users’ IFTTT Applets? Camille Cobb ( @camPossible) , Milijana Surbatovich, Anna Kawakami, Mahmood Sharif, Lujo Bauer, Anupam Das, Limin Jia

  2. Smart-home devices can lead to risks End-User Programming 2

  3. Smart-home devices can lead to risks 3

  4. “applet” this that + + if then “trigger” “action” 4

  5. SECRECY VIOLATION if then SmartThings post a sensor message is closed to Slack 19,323 unique INTEGRITY VIOLATION applets [Surbatovich et al. 2017] 5 5

  6. SECRECY VIOLATION if then SmartThings post a sensor message is closed to Slack 50% Violating INTEGRITY 50% VIOLATION Safe [Surbatovich et al. 2017] 6 6

  7. Moving from theory to practice if then SmartThings post a ● What fraction of users’ sensor message IFTTT applets are is closed to Slack violating, in practice? ● How much and what Mailbox? To coworkers? types of harm are Main entrance? To my family? Door to a safe? Just to me? IFTTT users actually exposed to? 7

  8. We collected 743 rules from 28 IFTTT users if then SmartThings post a sensor message “If front Door is closed to Slack Sensor closed then post a message to a Slack Mailbox? To coworkers? service” [P28] Main entrance? To my family? Door to a safe? Just to me? 8

  9. Evaluating participants’ rules: automated analysis finds similar results 59% Violating 41% Safe 9

  10. Evaluating participants’ rules: considering context enables more accurate analysis Are all of these harmful? No! 59% Violating 743 unique rules Are any of 41% these potentially Safe harmful? 10

  11. Evaluating participants’ rules: considering context enables more accurate analysis Are all of these harmful? No! 59% Violating 743 unique rules Are any of SmartThings add a row to 41% if then these potentially Google sensor Safe harmful? is closed spreadsheet 11

  12. Evaluating participants’ rules: considering context enables more accurate analysis Are all of these harmful? Also safe No! 59% Violating 743 unique only ~14% rules Are any of 41% harmful these potentially Safe harmful? (not 59%) 12

  13. Evaluating participants’ rules: considering context enables more accurate analysis Are all of these harmful? Also safe No! 59% Violating 743 unique only ~14% rules Are any of 41% harmful these potentially Safe harmful? (not 59%) Yes! 13

  14. Evaluating participants’ rules: considering context enables more accurate analysis Are all of these harmful? if Alice’s then create Also safe No! 59% presence is journal Violating detected entry 743 unique only ~14% rules Are any of 41% harmful these potentially Safe harmful? (not 59%) Yes! 14

  15. Evaluating participants’ rules: considering context enables more accurate analysis 20% surveillance Are all of these risks for incidental harmful? users Also safe No! 59% Violating 743 unique only ~14% rules Are any of 41% harmful these potentially Safe harmful? (not 59%) Yes! 15

  16. How Risky Are Real Users’ IFTTT Applets? ● Real user data → New insights about risks & harms ○ Many “violating” rules are not harmful ○ “Non-violating” rules could be harmful ○ More in the paper! Camille Cobb ( @camPossible) , Milijana Surbatovich, Anna Kawakami, Mahmood Sharif, Lujo Bauer, Anupam Das, Limin Jia

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Find your own Applet! AppletPro helps users efficiently search and manage applets from different

Find your own Applet! AppletPro helps users efficiently search and manage applets from different

Find your own Applet! AppletPro helps users efficiently search and manage applets from different platforms by grabbing data from these platforms. Issues 1. Inefficient to search for applets you need from multiple platforms 2. Hard to manage

234 views • 7 slides
Applets and Applications Developing Applets and Applications Application run by user,

Applets and Applications Developing Applets and Applications Application run by user,

Applets and Applications Developing Applets and Applications Application run by user, double-clickable/command-line Create a JPanel with the guts of the GUI/logic No restrictions on access, reads files, URLS, What will be in the

256 views • 6 slides
AppletPro helps users efficiently search and manage applets* by aggregating search results across

AppletPro helps users efficiently search and manage applets* by aggregating search results across

AppletPro helps users efficiently search and manage applets* by aggregating search results across different applet platforms. Applet Reminder *Applet: a trigger-action application providing simple services across apps such as Gmail, Trello, and

422 views • 13 slides
An An Empirical Characterization of IFTTT Ecosystem,

An An Empirical Characterization of IFTTT Ecosystem,

An An Empirical Characterization of IFTTT Ecosystem, Usage, and Performance Xianghang Mi, Feng Qian, Ying Zhang, XiaoFeng Wang Indiana University

354 views • 21 slides
Applets Murray Cole Applets 1 Portability and Security JVM and bytecode make

Applets Murray Cole Applets 1 Portability and Security JVM and bytecode make

I V N E U R S E I H T Y T O H F G R E U D I B N Applets Murray Cole Applets 1 Portability and Security JVM and bytecode make portability easy facilitates sharing of programs, which can be good and

428 views • 18 slides
The Risky Business of Onboarding Rick Pastoor @rickpastoor Onboarding: how new users get in

The Risky Business of Onboarding Rick Pastoor @rickpastoor Onboarding: how new users get in

The Risky Business of Onboarding Rick Pastoor @rickpastoor Onboarding: how new users get in @rickpastoor But wait, Im a developer? Why should I care? @rickpastoor 30 day projects: research for dummies @rickpastoor Identify Teach

559 views • 28 slides
APPLETS Write an HTML documents to host an applet Understand simple applets Use Labels

APPLETS Write an HTML documents to host an applet Understand simple applets Use Labels

APPLETS Write an HTML documents to host an applet Understand simple applets Use Labels with simple AWT applets Write a simple Swing applet and use a JLabel Add JTextField and JButton components to Swing applet Using the

949 views • 51 slides
CS 126 Lecture S2: Introduction to Java Applets Outline Introductions Your first applet

CS 126 Lecture S2: Introduction to Java Applets Outline Introductions Your first applet

CS 126 Lecture S2: Introduction to Java Applets Outline Introductions Your first applet and more tools of trade Life cycle of an applet Simple drawing and events Conclusions CS126 21-1 Randy Wang Applets: Beyond Animated

624 views • 7 slides
CS 126 Lecture S2: Introduction to Java Applets Outline Introductions Your first applet

CS 126 Lecture S2: Introduction to Java Applets Outline Introductions Your first applet

CS 126 Lecture S2: Introduction to Java Applets Outline Introductions Your first applet and more tools of trade Life cycle of an applet Simple drawing and events Conclusions CS126 21-1 Randy Wang Applets: Beyond Animated

468 views • 13 slides
Applets as front-ends to server-side programming Objectives Introduce applets Examples of

Applets as front-ends to server-side programming Objectives Introduce applets Examples of

Applets as front-ends Applets as front-ends to server-side programming Objectives Introduce applets Examples of Java graphical programming How-to put an applet in a HTML page The HTML Applet tag and alternatives Applet

492 views • 18 slides
Lecture 10: Comparing Risky Prospects Alexander Wolitzky MIT 14.121 1 Risky Prospects Last class:

Lecture 10: Comparing Risky Prospects Alexander Wolitzky MIT 14.121 1 Risky Prospects Last class:

Lecture 10: Comparing Risky Prospects Alexander Wolitzky MIT 14.121 1 Risky Prospects Last class: studied decision-makers subjective attitude toward risk. This class: study objective properties of risky prospects (lotteries, gambles) themselves,

555 views • 18 slides
Risky Choice Framing Effects D E C I S I O N - M A K I N G I N T H E C O N T E X T O F P E R

Risky Choice Framing Effects D E C I S I O N - M A K I N G I N T H E C O N T E X T O F P E R

Risky Choice Framing Effects D E C I S I O N - M A K I N G I N T H E C O N T E X T O F P E R S O N A L R E L E V A N C E Kristin Radford Psychology 120 August 20 12 The Original Risky Choice Problem The Fram ing of Decisions and the

83 views • 7 slides
Bonds Ian Sykes James Bonds Bonds are risky too! Bonds are risky too! Still

Bonds Ian Sykes James Bonds Bonds are risky too! Bonds are risky too! Still

Bonds Ian Sykes James Bonds Bonds are risky too! Bonds are risky too! Still the best match Best match Diversification Diversifier New opportunities Extra returns No more James Bond puns

76 views • 7 slides
Modeling Portfolios that Contain Risky Assets Stochastic Models I: One Risky Asset C. David

Modeling Portfolios that Contain Risky Assets Stochastic Models I: One Risky Asset C. David

Modeling Portfolios that Contain Risky Assets Stochastic Models I: One Risky Asset C. David Levermore University of Maryland, College Park Math 420: Mathematical Modeling January 26, 2012 version 2011 Charles David Levermore c Modeling

217 views • 18 slides
Modeling Portfolios that Contain Risky Assets Stochastic Models II: Portfolios with Risky Assets

Modeling Portfolios that Contain Risky Assets Stochastic Models II: Portfolios with Risky Assets

Modeling Portfolios that Contain Risky Assets Stochastic Models II: Portfolios with Risky Assets C. David Levermore University of Maryland, College Park Math 420: Mathematical Modeling April 3, 2012 version 2011 Charles David Levermore c

210 views • 16 slides
Applets as front-ends to server-side programming DD1335 (Lecture 7) Basic Internet Programming

Applets as front-ends to server-side programming DD1335 (Lecture 7) Basic Internet Programming

Applets as front-ends Applets as front-ends to server-side programming DD1335 (Lecture 7) Basic Internet Programming Spring 2010 1 / 18 Applets as front-ends Applets as front-ends to server-side programming Objectives DD1335 (Lecture 7)

1.02k views • 98 slides
Applications and Applets An applet is a program delivered via the web security issues,

Applications and Applets An applet is a program delivered via the web security issues,

Applications and Applets An applet is a program delivered via the web security issues, sandbox model where does code/images/etc come from? How is it delivered? what browsers support the 1.1 AWT event model (what about 1.2)? Use

382 views • 3 slides
Object Oriented Programming and Design in Java Session 15 Instructor: Bert Huang Announcements

Object Oriented Programming and Design in Java Session 15 Instructor: Bert Huang Announcements

Object Oriented Programming and Design in Java Session 15 Instructor: Bert Huang Announcements Homework 3 out. Due Monday , Apr. 5 th Office hour change Sun Mon Tue Wed Thu Fri John 1-3 Class Class Lauren 11-12:15 11-12:15

1.37k views • 26 slides
Applet Class Applets are Java programs that can be invoked in web pages. To run an applet, Java

Applet Class Applets are Java programs that can be invoked in web pages. To run an applet, Java

Applet Class Applets are Java programs that can be invoked in web pages. To run an applet, Java creates an instance of the applet class. Graphics Certain methods run automatically: init() start() stop() paint() As with all methods, we can

325 views • 4 slides
Java Security: From HotJava to Netscape and Beyond Drew Dean, Ed Felten, Dan Wallach Safe

Java Security: From HotJava to Netscape and Beyond Drew Dean, Ed Felten, Dan Wallach Safe

Java Security: From HotJava to Netscape and Beyond Drew Dean, Ed Felten, Dan Wallach Safe Internet Programming Group Princeton University The Java Model Web server Web browser Java program URL lookup applet code byte code Verifier

458 views • 14 slides
What is a Jar File? Java archive (jar) files are compressed files that can store one or many

What is a Jar File? Java archive (jar) files are compressed files that can store one or many

Creating Jar Files Based on slides by: Jin Hung, Gregory Olds, George Blank, Sun Java Web Site What is a Jar File? Java archive (jar) files are compressed files that can store one or many files. Jar files normally contain java or class

434 views • 22 slides
Memory Consumption Analysis of Java Smart Cards G ERARDO S CHNEIDER University of Oslo - Norway

Memory Consumption Analysis of Java Smart Cards G ERARDO S CHNEIDER University of Oslo - Norway

Memory Consumption Analysis of Java Smart Cards G ERARDO S CHNEIDER University of Oslo - Norway Joint work with P ABLO G IAMBIAGI (SICS, Sweden) Previous collaboration with D AVID C ACHERA , T HOMAS J ENSEN AND D AVID P ICHARDIE (IRISA/INRIA,

1.13k views • 53 slides
Java Programming Unit 6 Inner Classes. Intro to HTML

Java Programming Unit 6 Inner Classes. Intro to HTML

Java Programming Unit 6 Inner Classes. Intro to HTML and Applets. Installing Apache Tomcat Server. (c) Farata Systems, L.L.C. 2014 Swing

684 views • 20 slides
Smart( Java )Card ... What & Why What - smart card Tiny PC without Human Interface

Smart( Java )Card ... What & Why What - smart card Tiny PC without Human Interface

Smart( Java )Card ... What & Why What - smart card Tiny PC without Human Interface capabilities CPU : 16b/32b RISC @ handful of MhZ Math co-processor: RSA/DES/AES/ECC RAM : X KB HDD : XX..XXX KB (EEPROM) NET :

568 views • 36 slides

More recommend