TY - GEN
T1 - Cross-App Interference Threats in Smart Homes
T2 - 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2020
AU - Chi, Haotian
AU - Zeng, Qiang
AU - Du, Xiaojiang
AU - Yu, Jiaping
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/6
Y1 - 2020/6
N2 - Internet of Thing platforms prosper home automation applications (apps). Prior research concerns intra-app security. Our work reveals that automation apps, even secured individually, still cause a family of threats when they interplay, termed as Cross-App Interference (CAI) threats. We systematically categorize such threats and encode them using satisfiability modulo theories (SMT). We present HomeGuard, a system for detecting and handling CAI threats in real deployments. A symbolic executor is built to extract rule semantics, and instrumentation is utilized to capture configuration during app installation. Rules and configuration are checked against SMT models, the solutions of which indicate the existence of corresponding CAI threats. We further combine app functionalities, device attributes and CAI types to label the risk level of CAI instances. In our evaluation, HomeGuard discovers 663 CAI instances from 146 SmartThings market apps, imposing minor latency upon app installation and no runtime overhead.
AB - Internet of Thing platforms prosper home automation applications (apps). Prior research concerns intra-app security. Our work reveals that automation apps, even secured individually, still cause a family of threats when they interplay, termed as Cross-App Interference (CAI) threats. We systematically categorize such threats and encode them using satisfiability modulo theories (SMT). We present HomeGuard, a system for detecting and handling CAI threats in real deployments. A symbolic executor is built to extract rule semantics, and instrumentation is utilized to capture configuration during app installation. Rules and configuration are checked against SMT models, the solutions of which indicate the existence of corresponding CAI threats. We further combine app functionalities, device attributes and CAI types to label the risk level of CAI instances. In our evaluation, HomeGuard discovers 663 CAI instances from 146 SmartThings market apps, imposing minor latency upon app installation and no runtime overhead.
UR - http://www.scopus.com/inward/record.url?scp=85090418412&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85090418412&partnerID=8YFLogxK
U2 - 10.1109/DSN48063.2020.00056
DO - 10.1109/DSN48063.2020.00056
M3 - Conference contribution
AN - SCOPUS:85090418412
T3 - Proceedings - 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2020
SP - 411
EP - 423
BT - Proceedings - 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2020
Y2 - 29 June 2020 through 2 July 2020
ER -