TY - GEN
T1 - Seeing Is Believing
T2 - 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2024
AU - Fu, Chenglong
AU - Du, Xiaojiang
AU - Zeng, Qiang
AU - Zhao, Zhenyu
AU - Zuo, Fei
AU - Di, Jia
N1 - Publisher Copyright:
© 2024 ACM.
PY - 2024/5/27
Y1 - 2024/5/27
N2 - Along with the increasing popularity of smart home IoT devices, more users are turning to smart home automation platforms to control and automate their IoT devices. However, IoT automation is vulnerable to spoofed event attacks. Given that IoT devices are intricately linked with the physical environment and operate autonomously, event-based attacks can pose serious safety and security challenges. Our observations show that many IoT events are accompanied by visual modifications in objects such as shape alterations (for example, contact sensor events correspond with door movement) or changes in color/brightness (for example, a functioning microwave oven with the internal light switched on). These alterations can be detected by the commonly deployed smart cameras, providing a visually rich but challenging to manipulate channel for verifying IoT events. We introduce IoTSentry, the first system of its kind to extract high-level semantic information from streaming video data and pixels for IoT event verification. We have designed a Siamese deep neural network to identify variations in the appearance of IoT devices and interior objects. These are used as the yardstick for verifying IoT events received at IoT automation platforms. Upon assessing IoTSentry with 21 IoT devices (8 types), the results demonstrate that IoTSentry can be trained within 120 seconds, yielding an accuracy rate of over 96.7% in recognizing device states. We have deployed the 21 IoT devices and IoTSentry on two real-world smart home test sites. Over the course of our one-week evaluation, IoTSentry consistently achieved an average detection rate of 99.24% in identifying attack instances. Moreover, it triggered no more than 2 false alarms per day on each test site.
AB - Along with the increasing popularity of smart home IoT devices, more users are turning to smart home automation platforms to control and automate their IoT devices. However, IoT automation is vulnerable to spoofed event attacks. Given that IoT devices are intricately linked with the physical environment and operate autonomously, event-based attacks can pose serious safety and security challenges. Our observations show that many IoT events are accompanied by visual modifications in objects such as shape alterations (for example, contact sensor events correspond with door movement) or changes in color/brightness (for example, a functioning microwave oven with the internal light switched on). These alterations can be detected by the commonly deployed smart cameras, providing a visually rich but challenging to manipulate channel for verifying IoT events. We introduce IoTSentry, the first system of its kind to extract high-level semantic information from streaming video data and pixels for IoT event verification. We have designed a Siamese deep neural network to identify variations in the appearance of IoT devices and interior objects. These are used as the yardstick for verifying IoT events received at IoT automation platforms. Upon assessing IoTSentry with 21 IoT devices (8 types), the results demonstrate that IoTSentry can be trained within 120 seconds, yielding an accuracy rate of over 96.7% in recognizing device states. We have deployed the 21 IoT devices and IoTSentry on two real-world smart home test sites. Over the course of our one-week evaluation, IoTSentry consistently achieved an average detection rate of 99.24% in identifying attack instances. Moreover, it triggered no more than 2 false alarms per day on each test site.
KW - internet of things
KW - security
KW - smart home
UR - http://www.scopus.com/inward/record.url?scp=85198044157&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85198044157&partnerID=8YFLogxK
U2 - 10.1145/3643833.3656124
DO - 10.1145/3643833.3656124
M3 - Conference contribution
AN - SCOPUS:85198044157
T3 - WiSec 2024 - Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks
SP - 101
EP - 112
BT - WiSec 2024 - Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Y2 - 27 May 2024 through 29 May 2024
ER -