Dear Spiral User, we appreciate your patience during this upgrade which is to benefit our userbase, improve their experience in Spiral, introduce improvements, fixes and maintaining our versioning for future updates. Please note if you encounter any issues in Spiral, please raise a ticket to Research Applications team providing as much detail as possible in order to help us resolve your query. Again, we thank you for your patience and support during the upgrade. Kind Regards, Spiral Upgrade Team.
 
Protected or porous: a comparative analysis of threat detection capability of IoT safeguards
OA Location
Author(s)
Mandalari, Anna Maria
Haddadi, Hamed
Dubois, Daniel J
Choffnes, David
Type
Conference Paper
Abstract
Consumer Internet of Things (IoT) devices are increasingly common, from smart speakers to security cameras, in homes. Along with their benefits come potential privacy and security threats. To limit these threats a number of commercial services have become available (IoT safeguards). The safeguards claim to provide protection against IoT privacy risks and security threats. However, the effectiveness and the associated privacy risks of these safeguards remains a key open question. In this paper, we investigate the threat detection capabilities of IoT safeguards for the first time. We develop and release an approach for automated safeguards experimentation to reveal their response to common security threats and privacy risks. We perform thousands of automated experiments using popular commercial IoT safeguards when deployed in a large IoT testbed. Our results indicate not only that these devices may be ineffective in preventing risks, but also their cloud interactions and data collection operations may introduce privacy risks for the households that adopt them.
Date Issued
2023-07-21
Date Acceptance
2023-05-01
Citation
2023 IEEE Symposium on Security and Privacy (SP), 2023, pp.3061-3078
URI
DOI
ISSN
1081-6011
Publisher
IEEE Computer Society
Start Page
3061
End Page
3078
Journal / Book Title
2023 IEEE Symposium on Security and Privacy (SP)
Copyright Statement
© 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Identifier
https://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=PARTNER_APP&SrcAuth=LinksAMR&KeyUT=WOS:001035501503007&DestLinkType=FullRecord&DestApp=ALL_WOS&UsrCustomerID=a2bf6146997ec60c407a63945d4e92bb
Source
44th IEEE Symposium on Security and Privacy (SP)
Subjects
Computer Science
Computer Science, Information Systems
Computer Science, Theory & Methods
Science & Technology
Technology
Publication Status
Published
Start Date
2023-05-21
Finish Date
2023-05-25
Coverage Spatial
San Francisco, CA, USA