IoT Phantom-Delay Attacks: Demystifying and Exploiting IoT Timeout Behaviors

Chenglong Fu, Qiang Zeng, Haotian Chi, Xiaojiang Du, Siva Likitha Valluru

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

11 Scopus citations

Abstract

This paper unveils a set of new attacks against Internet of Things (IoT) automation systems. We first propose two novel IoT attack primitives: Event Message Delay and Command Message Delay (event messages are generated by IoT devices to report device states, and command messages are used to control IoT devices). Our insight is that timeout detection in the TCP layer is decoupled from data protection in the Transport Layer Security (TLS) layer. As a result, even when a session is protected by TLS, its IoT event and/or command messages can still be significantly delayed without triggering alerts. It is worth highlighting that, by compromising/controlling one WiFi device in a smart environment, the attacker can delay the IoT messages of other non-compromised IoT devices; we thus call the attacks IoT Phantom-Delay Attacks. Our study shows the attack primitives can be used to build rich attacks and some of them can induce persistent effects. The presented attacks are very different from jamming. 1) Unlike jamming, our attacks do not discard any packets and thus do not trigger re-transmission. 2) Our attacks do not cause disconnection or timeout alerts. 3) Unlike reactive jamming, which usually relies on special hardware, our attacks can be launched from an ordinary WiFi device. Our evaluation involves 50 popular IoT devices and demonstrates that they are all vulnerable to the phantom-delay attacks. Finally, we discuss the countermeasures. We have contacted multiple IoT platforms regarding the vulnerable IoT timeout behaviors, and Google, Ring and SimpliSafe have acknowledged the problem.

Original language: English
Title of host publication: Proceedings - 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2022
Pages: 428-440
Number of pages: 13
ISBN (Electronic): 9781665416931
State: Published - 2022
Event: 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2022 - Baltimore, United States
Duration: 27 Jun 2022 → 30 Jun 2022

Publication series

Name: Proceedings - 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2022

Conference

Conference: 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2022
Country/Territory: United States
City: Baltimore
Period: 27/06/22 → 30/06/22

Keywords

  • Delay
  • Home Automation
  • IoT
