security analysis of emerging smart home applications
play

SECURITY ANALYSIS OF EMERGING SMART HOME APPLICATIONS Earlence - PowerPoint PPT Presentation

Aug 18, 2023 •538 likes •858 views

SECURITY ANALYSIS OF EMERGING SMART HOME APPLICATIONS Earlence Fernandes, Jaeyeon jung, Atul Prakash Presented by Surya Mani Content Motivation Related Work SmartThings-Big Picture Security Analysis Proof-of-concept attacks

  1. SECURITY ANALYSIS OF EMERGING SMART HOME APPLICATIONS Earlence Fernandes, Jaeyeon jung, Atul Prakash Presented by Surya Mani

  2. Content ´ Motivation ´ Related Work ´ SmartThings-Big Picture ´ Security Analysis ´ Proof-of-concept attacks ´ Defense Mechanism

  3. Motivation ´ Huge number of connected gadgets, systems and appliances that do a wide variety of different things. ´ Though it provides user with benefits, it also expose user to security risks

  4. Related Work ´ A framework for evaluating security risks associated with technologies used at home- Denning ´ Device front ´ MyQ garage system, Wink Relay touch controller, Honeywell Tuxedo Touch Controller ´ Investigate the feasibility of causing physical harm through the explosion of CFLs through an exploited home automation system ´ Use Case : sharing smart devices with others ´ Protocol Front – Zigbee and Zwave protocol ´ Investigation on cause of over privilege due to insufficient API documentation and guidelines on different types of permission- Felt

  5. IoT Paper ´ First in-depth security analysis of one such “smart home” platform that allows anyone to control their home appliances from light bulbs to locks with a PC or smartphone. ´ Demonstrate programming framework design flaws ´ Analyze protocol operating between SmartThings backend and the client- side web IDE ´ Remote attacks that weaken the home security system independent of specific protocol in use. ´ Evaluation of SmartThings capability model in protecting sensitive device operations

  6. Smart Home applications

  7. SmartThings ´ SmartThings interconnects separately operating home appliances to create a fully connected SmartThings home controlled by smartphone apps. ´ The main goal of SmartThings is to provide a new class of automation by connecting appliances to one another, to the Internet, and to homeowners.

  8. Big Picture

  9. SmartThings - cont. Three main components ´ Hubs ´ SmartThings Cloud Backend ´ Smartphone companion app

  10. SmartThings System • SmartApps and SmartDevices • Capabilities and Authorization • Events and Subscriptions • Webservice SmartApps • Sandboxing

  11. SmartApp Structure

  12. Security Analysis ´ Occurrence of over privilege in SmartApps ´ Insufficient sensitive event data protection ´ Insecurity of third party integration ´ Unsafe use of groovy dynamic method invocation ´ Unrestricted Communication abilities via API Access control

  13. Occurrence of over privilege in SmartApps Because of SmartThings Framework ´ Capabilities – Coarse-grained, providing access to multiple commands and attributes for a device (55%) E.g. Capability.lock (Commands: lock and unlock, attribute : lock) ´ SmartApp obtain more capabilities than it request because of SmartApp- SmartDevice binding (42%) E.g. SmartApp uses capability.battery

  14. Lock Allow for the control of a lock device Light Preferences Reference Allows for the control of a light device capability.lock Preferences Reference Attributes capability.light //consider it for Oven lock: ENUM Attributes The state of the lock device switch: ENUM locked A string representation of whether the light is on or off The device is locked off unknown The value of the switch attribute if the light is off The state of the device is unknown on unlocked The value of the switch attribute if the light is on The device is unlocked Commands unlocked with timeout off() The device is unlocked with a timeout Turn a light off Commands on() lock() Turn a light on Lock the device unlock() Unlock the device

  15. Example of over privilege

  16. Insufficient sensitive event data protection Because of insecure event sub-system design ´ After a SmartApp is approved to access a SmartDevice, it monitors any data published by SmartDevice (e.g. Lock codes) ´ SmartApp which acquired 128-bit identifier(unique to SmartDevice) can monitor all the events. subscribe( deviceObj, attrstring, handler) ´ Events generated from devices can be spoofed. As the framework, ´ does not have control over raising events ´ verify the integrity or the origin of an event by triggered SmartApps

  17. Insecurity of third party integration ´ OAuth bearer token – attached to request while invoking the WebService SmartApp HTTP endpoints

  18. Unsafe use of groovy dynamic method invocation ´ String representation of a command is received over HTTP def str = “foo” ´ The string is executed directly by dynamic method invocation (method can be invoked using name as a string) foo() Unrestricted Communication abilities via API Access control ´ No restrictions on outbound Internet communication of SmartApps -leaks sensitive information

  19. Empirical security analysis

  20. PROOF-OF-CONCEPT ATTACKS

  21. A. Backdoor pin Code Injection Attack ´ Over privilege using SmartApp-SmartDevice coarse-binding ´ Stealing an OAuth token using the hard-coded secret in the existing binary ´ Getting a victim to click on a link pointing to the SmartThings Web site ´ Command injection to an existing Webservice SmartApp

  22. Stealing the OAuth Token GET https://graph.api.smartthings.com/oauth/ authorize? response_type=code& client_id=YOUR-SMARTAPP-CLIENT-ID& scope=app& redirect_uri=YOUR-SERVER-URI parameter value response_type Use code to obtain the authorization code. client_id The OAuth client ID of the SmartApp. scope This should always be “app” for this authorization flow. redirect_uri The URI of your server that will receive the authorization code.

  23. Command Injection Attacks ´ WebService SmartApp associated with the third-party Android app uses Groovy dynamic method invocation ´ Format of the command string needed to activate the SmartApp endpoint

  24. B. Door Lock Pin Code Snooping Attack 1 zw device:02, 2 command:9881, 3 payload:00 63 03 04 01 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 4 parsed to 5 [[’name’:’codeReport’, ’value’:4, 6 ’data’:[’code’:’8877’], 7 ’descriptionText’:’ZWave Schlage Lock code 4 set’, 8 ’displayed’: true , 9 ’isStateChange’: true , 10 ’linkText’:’ZWave Schlage Lock’]]

  25. C. Disabling Vacation Mode Attack ´ Depends on the “mode” property of the location object ´ SmartThings does not have security controls around the SendLocationEvent API ´ Even spoofing by the attack SmartApp ´ Attack launched from any SmartApp without requiring the specific capabilities

  26. D. Fake Alarm Attack ´ Attack launched from any SmartApp without requiring the specific capabilities ´ Attack SmartApp is installed in the system ´ Even spoofing by the attack SmartApp ´ Controlling the device

  27. Survey Study of SmartThings Users

  28. Table VI

  29. Defense Mechanism

  30. THANK YOU

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security Analysis of Emerging Smart Home Applications Earlence Fernandes, Jaeyeon Jung, Atul

Security Analysis of Emerging Smart Home Applications Earlence Fernandes, Jaeyeon Jung, Atul

Security Analysis of Emerging Smart Home Applications Earlence Fernandes, Jaeyeon Jung, Atul Prakash IEEE Security and Privacy 24 May 2016 Smart Door Locks CO Sensors Connected Ovens Smart Plugs IP Cameras Emerging Smart Home Frameworks

502 views • 35 slides
Security Analysis of Emerging Smart Home Applica6ons Earlence Fernandes, Jaeyeon Jung, Atul

Security Analysis of Emerging Smart Home Applica6ons Earlence Fernandes, Jaeyeon Jung, Atul

Security Analysis of Emerging Smart Home Applica6ons Earlence Fernandes, Jaeyeon Jung, Atul Prakash Presented by: Gohar Irfan Chaudhry IEEE Security and Privacy 24 May 2016 Smart Door Locks nsors Connected Ovens Plugs IP Cameras Emerging

484 views • 31 slides
SoK: Security Evaluation of Home-based IoT Deployments Omar Alrawi , Chaz Lever, Fabian Monrose,

SoK: Security Evaluation of Home-based IoT Deployments Omar Alrawi , Chaz Lever, Fabian Monrose,

SoK: Security Evaluation of Home-based IoT Deployments Omar Alrawi , Chaz Lever, Fabian Monrose, Manos Antonakakis 1 2 Alexa, unlock the front door. 3 Internet of Things 4 5 Prior Work Security Analysis of Emerging Smart Home

592 views • 22 slides
Security Architecture for the Smart Home Jacob Fahrenkrug, CTO at yetu AG

Security Architecture for the Smart Home Jacob Fahrenkrug, CTO at yetu AG

Security Architecture for the Smart Home Jacob Fahrenkrug, CTO at yetu AG jacob.fahrenkrug@yetu.com http://yetu.com twitter: @yetuAG, @jacobfahrenkrug 2 Definition of Smart Home 3 Smart Home is not home automation! 4 5 6

243 views • 23 slides
Power Consumption Analysis and Hardware Security Arnaud Tisserand CNRS, Lab-STICC laboratory

Power Consumption Analysis and Hardware Security Arnaud Tisserand CNRS, Lab-STICC laboratory

Power Consumption Analysis and Hardware Security Arnaud Tisserand CNRS, Lab-STICC laboratory Cergy, December 2017 Applications with Security Needs Applications : smart cards, computers, Internet, telecommunications, set-top boxes, data storage,

763 views • 63 slides
Home Security and Automation On The Road And At Home Eric McHenry (#2242) Region 12 // Greater

Home Security and Automation On The Road And At Home Eric McHenry (#2242) Region 12 // Greater

Home Security and Automation On The Road And At Home Eric McHenry (#2242) Region 12 // Greater Bay Area Airstream Club eric.mchenry@airstreamclub.net Topics Security and automation objectives Traditional vs. emerging home security and

594 views • 31 slides
Section 8: Smart Home Security & Privacy CSE 484 / CSE M 584 Administrivia May 22 nd May 29

Section 8: Smart Home Security & Privacy CSE 484 / CSE M 584 Administrivia May 22 nd May 29

Section 8: Smart Home Security & Privacy CSE 484 / CSE M 584 Administrivia May 22 nd May 29 th June 8 th Lab 2 Due HW 3 & Final Project Checkpoint Final Project Due #2 Due Memorial Day Lab 3 Due May 25 th June 5 th The Smart Home

760 views • 31 slides
APPLYING SMART CARDS FOR SECURITY CRITICAL MOBILE APPLICATIONS Michael Hlzl Institut of

APPLYING SMART CARDS FOR SECURITY CRITICAL MOBILE APPLICATIONS Michael Hlzl Institut of

APPLYING SMART CARDS FOR SECURITY CRITICAL MOBILE APPLICATIONS Michael Hlzl Institut of Networks and Security, JKU Linz PhD defense 2 nd of March 2018 14:15-15:45, Science Park 3 Room S3 218 MOTIVATION Trend towards security and

541 views • 28 slides
Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption Nat M.

Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption Nat M.

Do Privacy and Security Matter to Everyone? Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption Nat M. Barbosa , Zhuohao Zhang, Yang Wang The Smart Home Adoption-Concern Conundrum

639 views • 10 slides
What is a Loxone Smart Home? A Home That Takes Care Of Itself Life at home is like flying on

What is a Loxone Smart Home? A Home That Takes Care Of Itself Life at home is like flying on

What is a Loxone Smart Home? A Home That Takes Care Of Itself Life at home is like flying on autopilot! My Loxone Smart Home and I think alike. If I ever want to change something, a single press on a switch is enough. Simple To Use

95 views • 9 slides
Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina

Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina

Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina Markopoulou, and Brian Demsky Smart Home 2 Smart Home Smart Plugs 2 Smart Home Smart Plugs Light Bulbs 2 Smart Home Smart Plugs Light Bulbs

1.92k views • 146 slides
Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop

Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop

Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop Karl Levitt Jeff Rowe University of California, Davis 1 / 21 2 / 21 3 / 21 4 / 21 Security Many things can go wrong... malicious firmware

803 views • 36 slides
Smart Proactive Homes Live independently at home for longer ProActivated will turn your own

Smart Proactive Homes Live independently at home for longer ProActivated will turn your own

Smart Proactive Homes Live independently at home for longer ProActivated will turn your own home in a smart home. Combining new and innovative technology with our smart software allows your home to deliver support in your daily life.

428 views • 20 slides
Zigator: Analyzing the Security of Zigbee-Enabled Smart Homes Dimitrios-Georgios Akestoridis,

Zigator: Analyzing the Security of Zigbee-Enabled Smart Homes Dimitrios-Georgios Akestoridis,

Zigator: Analyzing the Security of Zigbee-Enabled Smart Homes Dimitrios-Georgios Akestoridis, Madhumitha Harishankar, Michael Weber, and Patrick Tague Carnegie Mellon University ACM WiSec 2020 Motivation Smart home network security affects

867 views • 64 slides
ZIPATILE SMART HOME ASSISTANT Security Thermostat Intercom Automation External Temp. Speaker

ZIPATILE SMART HOME ASSISTANT Security Thermostat Intercom Automation External Temp. Speaker

ZIPATILE SMART HOME ASSISTANT Security Thermostat Intercom Automation External Temp. Speaker IP Camera Shock Sensor Sensor ZIPATILE Alarm Siren Noise Sensor A L L I N O N E ZipaTile is the complete home control system in a form of

208 views • 18 slides
Security analysis of Dutch smart metering systems Sander Keemink and Bart Roos July 2, 2008 1 /

Security analysis of Dutch smart metering systems Sander Keemink and Bart Roos July 2, 2008 1 /

Security analysis of Dutch smart metering systems Security analysis of Dutch smart metering systems Sander Keemink and Bart Roos July 2, 2008 1 / 19 Security analysis of Dutch smart metering systems 1 Smart metering introduction 2 Theoretical

430 views • 19 slides
Brian Jackson, MD, MS Assoc Prof of Pathology (Clinical), University of Utah Medical Director,

Brian Jackson, MD, MS Assoc Prof of Pathology (Clinical), University of Utah Medical Director,

How to make smart insourcing and outsourcing decisions for hospital laboratory services Brian Jackson, MD, MS Assoc Prof of Pathology (Clinical), University of Utah Medical Director, Support Svcs & IT, ARUP Laboratories Goal of

368 views • 34 slides
Smart Writing for Business Websites Tom Tortorici Slides/Ebook TomTortorici.com/WCATL Twitter

Smart Writing for Business Websites Tom Tortorici Slides/Ebook TomTortorici.com/WCATL Twitter

Smart Writing for Business Websites Tom Tortorici Slides/Ebook TomTortorici.com/WCATL Twitter @tom_tortorici S M A R T W R I T I N G F O R B U S I N E S S W E B S I T E S The Strategy Little Wizard TOYS GAMES SYSTEMS ORDERING

585 views • 47 slides
Implementations of Smart Home Integrations ICECCS18, 12 December 2018 Kulani Mahadewa,

Implementations of Smart Home Integrations ICECCS18, 12 December 2018 Kulani Mahadewa,

HomeScan: Scrutinizing Implementations of Smart Home Integrations ICECCS18, 12 December 2018 Kulani Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Jin Song Dong and Zhenkai Liang 1 Background IoT-enhanced smart home is getting popular

702 views • 30 slides
Large-Scale Deep Learning for Intelligent Computer Systems Jeff Dean In collaboration with many

Large-Scale Deep Learning for Intelligent Computer Systems Jeff Dean In collaboration with many

Large-Scale Deep Learning for Intelligent Computer Systems Jeff Dean In collaboration with many other people at Google Web Search and Data Mining Web Search and Data Mining Really hard without understanding Not there yet, but making

1.13k views • 97 slides
RESOLUTION FOR SMART DEVICES USING ACOUSTIC CHANNEL BY MOSTAFA UDDIN AND DR TAMER NADEEM WI-FI

RESOLUTION FOR SMART DEVICES USING ACOUSTIC CHANNEL BY MOSTAFA UDDIN AND DR TAMER NADEEM WI-FI

HARMONY: CONTENT RESOLUTION FOR SMART DEVICES USING ACOUSTIC CHANNEL BY MOSTAFA UDDIN AND DR TAMER NADEEM WI-FI NETWORKS 74% of smartphones data goes through Wi-Fi Low/free cost and high throughput Enhancing Wi-Fi network performance

300 views • 17 slides
Getting SMART about Developing Individualized, Adaptive Health Interventions: An Introduction to a

Getting SMART about Developing Individualized, Adaptive Health Interventions: An Introduction to a

Getting SMART about Developing Individualized, Adaptive Health Interventions: An Introduction to a Novel Experimental Study Design 6 th Annual Advanced Training Institute on Health Behavior Theory Madison, Wisconsin Thursday, July 19,

1.15k views • 97 slides
Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors Yanzi Zhu * ,

Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors Yanzi Zhu * ,

Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors Yanzi Zhu * , Zhujun Xiao , Yuxin Chen, Zhijing Li * , Max Liu, Ben Y. Zhao, Heather Zheng University of Chicago, *UC Santa Barbara 1 Smart Devices are Everywhere

380 views • 19 slides
Hardware Acceleration Cloud BU, Huawei Huawei Cloud Architecture MarketPlace and

Hardware Acceleration Cloud BU, Huawei Huawei Cloud Architecture MarketPlace and

High performance Cloud with Hardware Acceleration Cloud BU, Huawei Huawei Cloud Architecture MarketPlace and API/SDK Marketplace Partner

351 views • 22 slides

More recommend