Identifying Vulnerabilities in Security and Privacy of Smart Home Devices

Chhetri, Chola; Motti, Vivian Genaro

doi:10.1007/978-3-030-58703-1_13

Cited by 7 publications

(4 citation statements)

References 59 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Nineteen papers covered by the meta-review focus on various common issues arising from security and privacy problems in a smart home. DeFranco and Kassab's 74,75,133,185] ✓ ✓ [51,55] ✓ ✓ [45,109,151,159,175] paper [52] covered the broad theme of general research avenues around smart home. While Kuyucu et al [99] reviewed papers relating to both privacy and security related issues and solutions, Liao et al [109] explored security problems, challenges, techniques used, and solutions available from a mobile computing point of view.…”

Section: Security and Privacy In Generalmentioning

confidence: 99%

“…Papers were further sub-categorized into 'Attack vector', 'Mitigation', and 'Stakeholder' and evaluated with 45 IoT devices to identify the research gaps. Researchers also explored the security vulnerabilities by different IoT devices [51] and smart home devices [45]. Batalla et al [25] classified the security threats in home area network devices by referring to the 3-layered approach of ENISA (European Union agency for Cybersecurity), i.e., perceptual, network and the application layer attack and physical attacks.…”

Section: Threats and Attacksmentioning

confidence: 99%

See 1 more Smart Citation

A Survey of User Perspectives on Security and Privacy in a Home Networking Environment

Nandita

Nurse

2023

ACM Comput. Surv.

View full text Add to dashboard Cite

The security and privacy of smart home systems, particularly from a home user’s perspective, have been a very active research area in recent years. However, via a meta-review of 52 review papers covering related topics (published between 2000 and 2021), this paper shows a lack of a more recent literature review on user perspectives of smart home security and privacy since the 2010s. This identified gap motivated us to conduct a systematic literature review (SLR) covering 126 relevant research papers published from 2010 to 2021. Our SLR led to the discovery of a number of important areas where further research is needed; these include holistic methods that consider a more diverse and heterogeneous range of home devices, interactions between multiple home users, complicated data flow between multiple home devices and home users, some less-studied demographic factors, and advanced conceptual frameworks. Based on these findings, we recommended key future research directions, e.g., research for a better understanding of security and privacy aspects in different multi-device and multi-user contexts, and a more comprehensive ontology on the security and privacy of the smart home covering varying types of home devices and behaviors of different types of home users.

show abstract

Section: Security and Privacy In Generalmentioning

confidence: 99%

Section: Threats and Attacksmentioning

confidence: 99%

A Survey of User Perspectives on Security and Privacy in a Home Networking Environment

Nandita

Nurse

2023

ACM Comput. Surv.

View full text Add to dashboard Cite

show abstract

“…Prior research shows that vulnerabilities of SHDs can be exploited, resulting in the violation of users’ privacy (Chhetri and Motti, 2020). Various incidents that have received media attention, such as baby monitor hacks and botnet attacks, have demonstrated such possibilities.…”

Section: Introductionmentioning

confidence: 99%

Enhancing the design of data-related privacy controls for smart home devices

Chhetri

Motti

2023

ICS

View full text Add to dashboard Cite

Purpose Past research shows that users of smart home devices (SHDs) have privacy concerns. These concerns have been validated from technical research that shows SHDs introduce a lot of privacy risks. However, there is limited research in addressing these concerns and risks. This paper aims to bridge this gap by informing the design of data-related privacy controls for SHDs. Design/methodology/approach In this paper, the authors follow a user-centered design approach to design data-related privacy controls from design requirements backed by literature. The authors test the design for usability and perceived information control using psychometrically validated scales. For this purpose, two variations of the prototype (MyCam1 with a listing of data-related privacy controls and MyCam2 with three privacy presets) were created and tested them in a between-subjects experimental setting. Study participants (n = 207) were recruited via Mechanical Turk and asked to use the prototype app. An online survey was distributed to the participants to measure some usability and privacy-related constructs. Findings Findings show that the presented prototype designs were usable and met the privacy control needs of users. The prototype design with privacy presets (MyCam2) was found to be significantly more usable than the list of privacy controls (MyCam1). Originality The findings of this paper are original and build on the paper presented at the International Symposium on Human Aspects of Information Security and Assurance (HAISA 2022). This paper contributes improved and usable designs of privacy controls for smart home applications.

show abstract

“…SHDs have been known to contain privacy vulnerabilities (Chhetri & Motti, 2020) and raise privacy concerns in users and non-users (Haney et al, 2020;Zeng et al, 2017). Researchers and SHD designers cannot develop effective privacy-enhanced solutions without enabling the users (Chong et al, 2019), which requires an understanding of users' privacy concerns.…”

Section: Introductionmentioning

confidence: 99%

“I mute my echo when I talk politics”: Connecting Smart Home Device Users’ Concerns to Privacy Harms Taxonomy

Chhetri

Motti

2022

Proceedings of the Human Factors and Ergonomics Society Annual

Self Cite

View full text Add to dashboard Cite

With the proliferation of Internet of Things devices, smart home devices are expected to increase in use. However, experts have raised privacy concerns regarding these devices. As the body of literature on understanding privacy concerns continues to emerge, we realize the need for a privacy concerns taxonomy to standardize and facilitate common understanding of privacy concerns. To address this gap, we conducted 25 interviews of smart home device users and analyzed their privacy concerns qualitatively. This paper contributes analysis of user privacy concerns from the angle of privacy taxonomy theory. It examines whether privacy concerns could be characterized by Solove’s taxonomy of privacy, which is a well-recognized privacy taxonomy for informational privacy. We further discuss results and their implications.

show abstract

Identifying Vulnerabilities in Security and Privacy of Smart Home Devices

Cited by 7 publications

References 59 publications

A Survey of User Perspectives on Security and Privacy in a Home Networking Environment

A Survey of User Perspectives on Security and Privacy in a Home Networking Environment

Enhancing the design of data-related privacy controls for smart home devices

“I mute my echo when I talk politics”: Connecting Smart Home Device Users’ Concerns to Privacy Harms Taxonomy

Contact Info

Product

Resources

About