Uncovering Security Vulnerabilities in the Belkin WeMo Home Automation Ecosystem

Liu, Haoyu; Spink, Tom; Patras, Paul

doi:10.1109/percomw.2019.8730685

Cited by 14 publications

(5 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Secure storage could be achieved with the help of a permission oriented operating system running on top of the client application, or with hardware support in the case of embedded devices. For example one could use Zymbit, 11 which provides an encrypted filesystem and key management support, to secure Raspberry Pi (RPi) devices, as those we used in our experiments.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

An Experimental Evaluation of MQTT Authentication and Authorization in IoT

Michaelides

Sengul

Patras

2021

Proceedings of the 15th ACM Workshop on Wireless Network Testbeds, Experimental Evaluation &Amp; CHaracterization

Self Cite

View full text Add to dashboard Cite

Security vulnerabilities make the Internet of Things (IoT) systems open to online attacks that threaten both their operation and user privacy. Among the many protocols governing IoT operation, MQTT has seen wide adoption, but comes with rudimentary security support. Specifically, while the MQTT standard strongly recommends that servers (brokers) offer Transport Layer Security (TLS), it is mainly concerned with the message transmission protocol, leaving to implementers the responsibility for providing appropriate security features. However, well-known solutions for Web Security (OAuth2) exist, which may benefit MQTT. This paper presents systematic implementation efforts and practical experimentation to evaluate the feasibility of one such approach, namely the MQTT-TLS profile for the Authentication and Authorization in Constrained Environments (ACE), recently specified by the IETF. Our implementation includes the functionality for (1) the Authorization Server (AS), to handle client registration, authorization policies, and Access Tokens; (2) the MQTT broker, to enforce authentication in both MQTT versions 3.1.1 and 5. Together, these enable ACE-MQTT clients to use (3) OAuth2-based authentication and authorization via Proof of Possession tokens. We make the source-code of our ACE-MQTT implementation publicly available, and evaluate it against plain MQTT systems in realistic settings with different computation constraints. To assess the cost of security, we measure the CPU, memory, network usage, and energy consumption. The results obtained confirm that the ACE requirements match the capabilities of moderately constrained devices, hence providing an affordable mechanism to secure MQTT systems. CCS CONCEPTS• Networks → Network experimentation; Cyber-physical networks; • Security and privacy → Security protocols.

show abstract

Section: Discussionmentioning

confidence: 99%

“…Security, including authentication, data integrity, and confidentiality, often remain an afterthought. These mixed-up priorities create risks, as IoT devices become susceptible to malware infection [1], services prone to disruption [18], and user data vulnerable to privacy leaks [6,11].…”

Section: Introductionmentioning

confidence: 99%

An Experimental Evaluation of MQTT Authentication and Authorization in IoT

Michaelides

Sengul

Patras

2021

Proceedings of the 15th ACM Workshop on Wireless Network Testbeds, Experimental Evaluation &Amp; CHaracterization

Self Cite

View full text Add to dashboard Cite

show abstract

“…(iii) Fake command is injected by by an attacker into an IoT device [14]. Say, smart speakers and smart switches may accept fake commands from a local network without authenticating sources [15], [16]. (iv) Command interception.…”

Section: B Attacks On Iot Devicesmentioning

confidence: 99%

IMEO: Anomaly Detection for IoT Devices using Semantic-based Correlations

Oh,

Hong,

Kim

et al. 2024

IJACSA

View full text Add to dashboard Cite

In the Internet of Things (IoT) security, anomalies due to attacks or device malfunctions can have serious consequences in our daily lives. Previous solutions have been struggling with high rates of false alarms and missing many actual anomalies. They also take a long time to detect anomalies even if they successfully detect anomalies. To overcome the limitations, this paper proposes a novel anomaly detection system, named IoT Malfunction Extraction Observer (IMEO), that utilizes semantics and correlation information for smart homes. Given IoT devices installed at home, IMEO creates virtual correlations based on semantic information such as applications, device types, relationships, and installation locations. The generated correlations are validated and improved using event logs extracted from smart home applications. The finally extracted correlations are then used to simulate the normal behaviors of the smart home. Any discrepancy between the actual state of a device and the simulated state is reported as abnormal while comparing correlations and event logs. IMEO also utilizes the observation that malfunctions of IoT devices occur repeatedly. An anomaly database is created and used so that repetitive malfunctions are quickly detected, which eventually reduces processing time. This paper builds a smart home testbed on a real-world residential house and deploys IoT devices. Six different types of anomalies are analyzed, synthesized, and injected to the testbed, with which IMEO's detection performance is evaluated and compared with the state-of-the-art correlation-only detection method. Experimental results demonstrate that the proposed method achieves higher performance of detection accuracy with faster processing time.

show abstract

“…It is difficult to maintain security at the application layer because of lack of sufficient protocol security services, incorrect configuration, and resource limitations [127]. For example, Liu et al [128] showed that it was possible to emulate a commercial edge device using software and then fooling the associated mobile App to uncover home Wi-Fi passphrases, and to trap the user into disclosing personal information. Similarly, Margulies [129] argued that linking garage door openers to the internet network using mobile Apps might easily pose a security threat.…”

Section: ) Rq4: Smart Home Application Securitymentioning

confidence: 99%

Ranking Security of IoT-Based Smart Home Consumer Devices

AlLifah

Zualkernan

2022

IEEE Access

View full text Add to dashboard Cite

Smart home consumer devices like home theatres, music players, voice-based assistants, smart lighting, and security cameras have widely adopted the Internet of Things (IoT). These devices pose a significant security risk to consumers because the devices are exposed to mobile applications and cloud-based services with known security vulnerabilities. IoT technologies also introduce additional vulnerabilities specific to smart home architectures. Most current home consumer devices provide little or no information about the level of security they afford. Since most consumers are not tech-savvy, it is currently difficult for a consumer to make an informed decision about which consumer device model (e.g., which smart television model?) has the best security. Hence, consumers need an objective security ranking of each type (e.g., security cameras) of home consumer devices. This paper proposes a novel methodology to systematically build such security rankings for home consumer devices. The proposed methodology can be applied by utilizing data from any security assessment study. The paper discusses previous efforts in applying Analytic Hierarchy Process (AHP) to rank security risks in general. The paper also presents a systematic survey of security vulnerabilities of smart home consumer devices when viewed from an IoT lens. Using the proposed methodology, a case study where an AHP model for ranking commonly used home consumer devices including home theatres, security cameras, smart lighting, smart speakers, video surveillance, smart switches, home automation systems, home security systems, smart routers, wireless doorbell cameras, and home audio systems, was developed. Relative security rankings for each type of consumer device were derived from the AHP model. According to the AHP model, network security was the primary driver of smart home device security with a priority of 0.6893 while application security had the least priority of 0.0591. Critical Vulnerabilities were the most important for device security (priority=0.4397), Man-in-The-Middle attacks for network security (priority=0.2019), exploitable services for cloud security (priority=0.26), and sensitive data for application security (0.7626). The AHP model was internally consistent (Consistency Ratio < 0.1). Sensitivity analysis showed that the AHP model was robust against pairing assumptions.INDEX TERMS AHP, consumer applications, cloud computing, home consumer devices, Internet of Things, network security, smart home.

show abstract

Uncovering Security Vulnerabilities in the Belkin WeMo Home Automation Ecosystem

Cited by 14 publications

References 7 publications

An Experimental Evaluation of MQTT Authentication and Authorization in IoT

An Experimental Evaluation of MQTT Authentication and Authorization in IoT

IMEO: Anomaly Detection for IoT Devices using Semantic-based Correlations

Ranking Security of IoT-Based Smart Home Consumer Devices

Contact Info

Product

Resources

About