HomeShield: A Credential-Less Authentication Framework for Smart Home Systems
IEEE Internet of Things Journal (IF 8.2), Pub Date: 2020-06-19, DOI: 10.1109/jiot.2020.3003621
Yinhao Xiao, Yizhen Jia, Chunchi Liu, Arwa Alrawais, Molka Rekik, Zhiguang Shan

Smart home systems have become more and more prevalent in recent years. On the one hand, they make our everyday life more convenient; on the other hand, they suffer from two notorious security problems, namely, the open-port problem and the overprivilege problem, which make their security situation extremely worrying. In this article, we proposed HomeShield, a novel credential-less authentication framework to shield smart home systems by effectively defending against the attacks resulting from these two security problems without the need for sensitive credentials. We further detailed an implementation of HomeShield based on the side channels that are publicly available in Android smartphones serving as controllers of smart home systems and presented its workflow in protecting against various attacks caused by the open-port and overprivilege problems. Finally, we tested our HomeShield implementation on a real-world smart home system and considered four threat models that cover basically all practical attacks, including Mirai and its variants. We also considered the effectiveness of our HomeShield implementation on the SmartApps of the Samsung SmartThings platform, which also suffers from the open-port and overprivilege problems, even though its overprivilege issue has been extensively studied by recently proposed works, such as ContexIoT and SmartAuth. The evaluation results indicate that our HomeShield realization can successfully defend against over 90% of attack trials with an average latency of less than 1 s.

Updated: 2020-06-19