Future Security of Smart Speaker and IoT Smart Home Devices

Godwin, Shawn; Glendenning, Brett; Gagneja, Kanwalinderjit Kaur

doi:10.1109/mobisecserv.2019.8686545

Cited by 11 publications

(8 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Wi-Fi networks remain a key vulnerability for smart homes. For example, Godwin et al [96] showed that it was challenging to break into a common voice-based home assistant using the Bluetooth protocol, but the internal Wi-Fi network could be compromised during device setup. The heterogenous nature of networks inside a home also exacerbates the situation.…”

Section: ) Rq1: Smart Home Device Securitymentioning

confidence: 99%

“…Eavesdropping [64][65] Node capture and replay attacks [66] Sleep deprivation attack [67] DDoS attack [68] Internet pairing default password [70] Configuration and device authentication [71], [85] Legacy authentication mechanism [72] Exposed services [75] Overprivileged configuration Apps [76], [84] Insecure hardware interfaces [73] OTA Updates and upgradeability weakness [75][76] Critical vulnerabilities: side channel, spyware, and backdoor pin code injection [83] Voice spoofing [79] Communal acts like renting, lending, etc. [80] Hardware-level attacks [82] COTS obsolescence risk [81] RQ2: Network Authentication and communication [87], [89] Default password [85][86] Insecure protocols [24], [91] Susceptibility to MITM attack [88][89], [95] Inappropriate use of encryption [94] Protocol attacks [96], [106] Relay attack [97] Sensitive data [100] Prospective attacks [98][99] Social engineering [99] RQ3: Cloud Information disclosure and access control [116][117] Authentication and verification [119], [94] Exploitable services [112]…”

Section: Rq1: Devicementioning

confidence: 99%

See 1 more Smart Citation

Ranking Security of IoT-Based Smart Home Consumer Devices

AlLifah

Zualkernan

2022

IEEE Access

View full text Add to dashboard Cite

Smart home consumer devices like home theatres, music players, voice-based assistants, smart lighting, and security cameras have widely adopted the Internet of Things (IoT). These devices pose a significant security risk to consumers because the devices are exposed to mobile applications and cloud-based services with known security vulnerabilities. IoT technologies also introduce additional vulnerabilities specific to smart home architectures. Most current home consumer devices provide little or no information about the level of security they afford. Since most consumers are not tech-savvy, it is currently difficult for a consumer to make an informed decision about which consumer device model (e.g., which smart television model?) has the best security. Hence, consumers need an objective security ranking of each type (e.g., security cameras) of home consumer devices. This paper proposes a novel methodology to systematically build such security rankings for home consumer devices. The proposed methodology can be applied by utilizing data from any security assessment study. The paper discusses previous efforts in applying Analytic Hierarchy Process (AHP) to rank security risks in general. The paper also presents a systematic survey of security vulnerabilities of smart home consumer devices when viewed from an IoT lens. Using the proposed methodology, a case study where an AHP model for ranking commonly used home consumer devices including home theatres, security cameras, smart lighting, smart speakers, video surveillance, smart switches, home automation systems, home security systems, smart routers, wireless doorbell cameras, and home audio systems, was developed. Relative security rankings for each type of consumer device were derived from the AHP model. According to the AHP model, network security was the primary driver of smart home device security with a priority of 0.6893 while application security had the least priority of 0.0591. Critical Vulnerabilities were the most important for device security (priority=0.4397), Man-in-The-Middle attacks for network security (priority=0.2019), exploitable services for cloud security (priority=0.26), and sensitive data for application security (0.7626). The AHP model was internally consistent (Consistency Ratio < 0.1). Sensitivity analysis showed that the AHP model was robust against pairing assumptions.INDEX TERMS AHP, consumer applications, cloud computing, home consumer devices, Internet of Things, network security, smart home.

show abstract

Section: ) Rq1: Smart Home Device Securitymentioning

confidence: 99%

Section: Rq1: Devicementioning

confidence: 99%

Ranking Security of IoT-Based Smart Home Consumer Devices

AlLifah

Zualkernan

2022

IEEE Access

View full text Add to dashboard Cite

show abstract

“…83 Another goal that can be attained through traffic analysis is detecting the presence of an individual in the house hosting the smart speaker, even if they are not interacting with the device, as shown in Caputo et al 72,73 While those attacks may be conducted from a remote location, attacks conducted through Bluetooth, that is, in the immediate surroundings of the device, do not appear to be an issue, depending on the adoption of the latest versions of the operating system and patches. 69 Moving to the attacks conducted in the house, or at least as close to the smart speaker as its hearing capabilities allow, we see papers examining the possibility of faking or twisting voice commands. An attempt to classify the risks associated with voice commands is performed in Burym et al, 75 which lists the reuse of the recorded voice, the undue activation of the device, or the control of the device itself.…”

Section: Vulnerabilitiesmentioning

confidence: 99%

Privacy in smart speakers: A systematic literature review

Maccario

Naldi

2022

Security and Privacy

View full text Add to dashboard Cite

Parallel to the increasing use of smart speakers (aka virtual assistants), privacy concerns emerge. In this article, we provide a systematic review of the literature on privacy issues in smart speakers. Both Scopus and Web of Science databases are examined, as well as the preprint repository arXiv, to take into account the most recent contributions. That literature exhibits a continuously growing trend in the last 4 years, with the USA being the single largest contributor to the field.The topics debated in the literature concern the perception of privacy issues, their contribution to adoption choices, the identification of vulnerabilities, the proposal of possible countermeasures, and (last and least) the analysis of the legal cases that are arising.

show abstract

“…New ideas also involve speakers and voice assistants in the interaction between residents and the IoT system. In [89] was presented "hands-on" testing for echo functions available from Amazon device.…”

Section: E Virtual Reality and Roboticsmentioning

confidence: 99%

Smart Homes: How Much Will They Support Us? A Research on Recent Trends and Advances

et al. 2021

View full text Add to dashboard Cite

The advances in the Internet of Things (IoT) provide several chances to develop a variety of innovations supporting smart home users in several industries including healthcare, energy management, etc. Ubiquitous support by intelligent appliances at modern homes, which constantly work to gather information can help us to solve everyday issues. In this paper, we present a comparative study of recent advances in smart home development. The study aims to present the main trends in this field. During the analysis of the research reports and patents, we identify the propositions that constitute the main research streams. Through extensive analysis, we provide an outlook on the wide spectrum of the proposed solutions. We also analyze the main market to present which publishers are leading with the innovative science in this field. We also show the leaders of science and technology in the World. Finally, we define the ratio of the developments and outline the next stage of the development in the smart home industry. INDEX TERMS Internet of Things (IoT), smart home, healthcare, energy management, security. I. INTRODUCTION O VER time, the type of home was evolving. The shape of the house was evolving during ages, cultural revolutions, and climate changes. We have divided our homes into rooms devoted to sleeping, cooking, work, children, sanitary needs, warehousing, etc. People started to settle in various locations and continents.

show abstract

Future Security of Smart Speaker and IoT Smart Home Devices

Cited by 11 publications

References 13 publications

Ranking Security of IoT-Based Smart Home Consumer Devices

Ranking Security of IoT-Based Smart Home Consumer Devices

Privacy in smart speakers: A systematic literature review

Smart Homes: How Much Will They Support Us? A Research on Recent Trends and Advances

Contact Info

Product

Resources

About