Mandalari, Anna Maria;
Haddadi, Hamed;
Dubois, Daniel J;
Choffnes, David;
(2023)
Protected or Porous: A Comparative Analysis of Threat Detection Capability of IoT Safeguards.
In:
2023 IEEE Symposium on Security and Privacy (SP).
(pp. pp. 3061-3078).
IEEE
Preview |
Text
paper.pdf - Other Download (2MB) | Preview |
Abstract
Consumer Internet of Things (IoT) devices are increasingly common, from smart speakers to security cameras, in homes. Along with their benefits come potential privacy and security threats. To limit these threats a number of commercial services have become available (IoT safeguards). The safeguards claim to provide protection against IoT privacy risks and security threats. However, the effectiveness and the associated privacy risks of these safeguards remains a key open question. In this paper, we investigate the threat detection capabilities of IoT safeguards for the first time. We develop and release an approach for automated safeguards experimentation to reveal their response to common security threats and privacy risks. We perform thousands of automated experiments using popular commercial IoT safeguards when deployed in a large IoT testbed. Our results indicate not only that these devices may be ineffective in preventing risks, but also their cloud interactions and data collection operations may introduce privacy risks for the households that adopt them.
Type: | Proceedings paper |
---|---|
Title: | Protected or Porous: A Comparative Analysis of Threat Detection Capability of IoT Safeguards |
Event: | 2023 IEEE Symposium on Security and Privacy (SP 2023), 21-25 May 2023, San Francisco, USA |
Location: | San Francisco, CA |
Dates: | 21 May 2023 - 25 May 2023 |
ISBN-13: | 978-1-6654-9336-9 |
Open access status: | An open access version is available from UCL Discovery |
DOI: | 10.1109/SP46215.2023.10179282 |
Language: | English |
Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
Keywords: | Internet-of-Things, security, privacy, IDS, IPS, anomaly-detection |
UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Electronic and Electrical Eng |
URI: | https://discovery.ucl.ac.uk/id/eprint/10180536 |
Archive Staff Only
View Item |