Advanced Search
Article Contents
Article Contents

Application of learning algorithms in smart home IoT system security

  • *Corresponding author: Jian Mao

    *Corresponding author: Jian Mao 
Abstract Full Text(HTML) Figure(2) / Table(2) Related Papers Cited by
  • With the rapid development of Internet of Things (IoT) technologies, smart home systems are getting more and more popular in our daily life. Besides providing convenient functionality and tangible benefits, smart home systems also expose users to security risks. To enhance the functionality and the security, machine learning algorithms play an important role in a smart home ecosystem, e.g., ensuring biotechnology-based authentication and authorization, anomalous detection, etc. On the other side, attackers also treat learning algorithms as a tool, as well as a target, to exploit the security vulnerabilities in smart home systems. In this paper, we unify the system architectures suggested by the mainstream service providers, e.g., Samsung, Google, Apple, etc. Based on our proposed overall smart home system model, we investigate the application of learning algorithms in smart home IoT system security. Our study includes two angles. First, we discussed the functionality and security enhancing methods based on learning mechanisms; second, we described the security threats exposed by employing learning techniques. We also explored the potential solutions that may address the aforementioned security problems.

    Mathematics Subject Classification: Primary: 58F15, 58F17; Secondary: 53C35.


    \begin{equation} \\ \end{equation}
  • 加载中
  • Figure 1.  Unified Smart Home System Architecture

    Figure 2.  Learning-based Attack Vectors in Smart Home Systems

    Table 1.  A brief summary of learning application in smart home

    Layer Application Description Func. Sec. References
    Control Layer Image/Speech Recognition Identifying specific images to meet user requirements; Verifying users identities through face/voice [11], [28]
    Incident Recognition Using real-time data to predict sudden events on health issues [36], [60]
    Energy saving Predicting energy consumption;
    Managing energy utilisation
    [44], [50]
    User preference Providing home services for users based on predicted user preference [10], [39]
    Anomalous Detection Detecting abnormal behaviors;
    Defending DDoS attack;
    Device failure detection
    [7], [29]
    Processing Layer Malware Detection Detecting malicious software;
    Providing recommended solutions
    [23], [32], [40]
     | Show Table
    DownLoad: CSV

    Table 2.  A taxonomy of learning-related attack in smart home

    Angles Description Attack Vectors References
    Exploiting vulnerabilities of Learning Automatic vehicle interference Tampering with the image transmitted to the automatic vehicle image recognition algorithm [37]
    Controlling voice control system Designing an ultrasound that contain voice control commands, but humans could not hear [55]
    Intrusion detection systems evasion Disguising traffic pattern of the malicious data [14]
    Using Learning-Based Techniques Attack cryptographic algorithm Learning-based analysis of power traces to find secret key information [20], [25]
    PUF attack Learning-based modeling methods; Combining side-channel information with machine learning modeling techniques [27], [31],
    [42], [43]
    Stealing information from cache Building cache pattern classifier to extract information [58]
    Recovering printed text Analyzing voice of printer via machine learning [5]
     | Show Table
    DownLoad: CSV
  •   Researchers exploit zigbee security flaws that compromise security of smart homes, http://www:networkworld:com/article/2969402/microsoft-subnet/researchers-exploitzigbee-securityflaws-that-compromise-security-of-smart-homes:html.
      M. R. Alam , M. B. I. Reaz  and  M. A. M. Ali , A review of smart homes--past, present, and future, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews), 42 (2012) , 1190-1203.  doi: 10.1109/TSMCC.2012.2189204.
      I. Androutsopoulos, J. Koutsias, K. V. Chandrinos, G. Paliouras and C. D. Spyropoulos, An evaluation of naive bayesian anti-spam filtering, arXiv preprint cs/0006013.
      Apple, Apple machine learning journal, https://machinelearning:apple:com/.
      M. Backes , M. Dürmuth , S. Gerling , M. Pinkal  and  C. Sporleder , Acoustic side-channel attacks on printers., Proceedings of USENIX Security symposium, (2010) , 307-322. 
      A. Bassi  and  G. Horn , Internet of things in 2020: A roadmap for the future, European Commission: Information Society and Media, 22 (2008) , 97-114. 
      V. H. Bhide and S. Wagh, I-learning iot: An intelligent self learning system for home automation using IoT, in Proceedings of 2015 International Conference on Communications and Signal Processing (ICCSP), IEEE, 2015,1763-1767. doi: 10.1109/ICCSP.2015.7322825.
      Z. Cai , Z. He , X. Guan  and  Y. Li , Collective data-sanitization for preventing sensitive information inference attacks in social networks, IEEE Transactions on Dependable and Secure Computing, PP (2017) , 1-1.  doi: 10.1109/TDSC.2016.2613521.
      S. Chari, J. R. Rao and P. Rohatgi, Template attacks, in Proceedings of International Workshop on Cryptographic Hardware and Embedded Systems, Springer, 2002, 13-28. doi: 10.1007/3-540-36400-5_3.
      J. Choi , D. Shin  and  D. Shin , Research and implementation of the context-aware middleware for controlling home appliances, IEEE Transactions on Consumer Electronics, 51 (2005) , 301-306. 
      L. Deng  and  X. Li , Machine learning paradigms for speech recognition: An overview, IEEE Transactions on Audio, Speech, and Language Processing, 21 (2013) , 1060-1089.  doi: 10.1109/TASL.2013.2244083.
      E. Fernandes, J. Jung and A. Prakash, Security analysis of emerging smart home applications, in Proceedings of 2016 IEEE Symposium on Security and Privacy (SP), IEEE, 2016,636-654.
      E. Fernandes, A. Rahmati, K. Eykholt and A. Prakash, Internet of things security research: A rehash of old ideas or new intellectual challenges?, arXiv preprint, arXiv: 1705.08522.
      P. Fogla and W. Lee, Evading network anomaly detection systems: Formal reasoning and practical techniques, in Proceedings of the 13th ACM conference on Computer and communications security, ACM, 2006, 59-68. doi: 10.1145/1180405.1180414.
      Gartner, Gartner says 6. 4 billion connected "things" will be in use in 2016, up 30 percent from 2015, http://www:gartner:com/newsroom/id/3165317.
      A. Greenberg, Apple's 'differential privacy' is about collecting your data-but not your data, https://www:wired:com/2016/06/apples-differential-privacy-collecting-data/.
      K. He, X. Zhang, S. Ren and J. Sun, Deep residual learning for image recognition, in Proceedings of the IEEE conference on computer vision and pattern recognition, 2016,770-778. doi: 10.1109/CVPR.2016.90.
      A. Hesseldahl, A hackers-eye view of the internet of things, http://recode:net/2015/04/07/ a-hackers-eye-view-of-the-internet-of-things/.
      G. Ho, D. Leung, P. Mishra, A. Hosseini, D. Song and D. Wagner, Smart locks: Lessons for securing commodity internet of things devices, in Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, ACM, 2016,461-472. doi: 10.1145/2897845.2897886.
      G. Hospodar , B. Gierlichs , E. De Mulder , I. Verbauwhede  and  J. Vandewalle , Machine learning in side-channel analysis: A first study, Journal of Cryptographic Engineering, 1 (2011) , 293-302.  doi: 10.1007/s13389-011-0023-x.
      D. Istrate, M. Vacher, E. Castelli and C. -P. Nguyen, Sound processing for health smart home, in Proceedings of International Conference on Smart homes and health Informatics, 2004, 41-48.
      Y. J. Jia, Q. A. Chen, S. Wang, A. Rahmati, E. Fernandes, Z. M. Mao, A. Prakash and S. J. Unviersity, Contexiot: Towards providing contextual integrity to appified iot platforms, in Proceedings of the 21st Network and Distributed System Security Symposium (NDSS'17), 2017. doi: 10.14722/ndss.2017.23051.
      E. B. Karbab, M. Debbabi, A. Derhab and D. Mouheb, Cypider: Building community-based cyber-defense infrastructure for android malware detection, in Proceedings of the 32nd Annual Conference on Computer Security Applications, ACM, 2016,348-362. doi: 10.1145/2991079.2991124.
      G. Kortuem , F. Kawsar , V. Sundramoorthy  and  D. Fitton , Smart objects as building blocks for the internet of things, IEEE Internet Computing, 14 (2010) , 44-51.  doi: 10.1109/MIC.2009.143.
      L. Lerman , G. Bontempi , O. Markowitch  and  Y. Li , Side channel attack: An approach based on machine learning, Center for Advanced Security Research Darmstadt, () , 29-41. 
      Y. Liang , Z. Cai , Q. Han  and  Y. Li , Location privacy leakage through sensory data, Security and Communication Networks, 2017 (2017) , 12pp.  doi: 10.1155/2017/7576307.
      D. Lim , J. W. Lee , B. Gassend , G. E. Suh , M. Van Dijk  and  S. Devadas , Extracting secret keys from integrated circuits, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 13 (2005) , 1200-1205. 
      C. Liu, Y. Cao, Y. Luo, G. Chen, V. Vokkarane and Y. Ma, Deepfood: Deep learning-based food image recognition for computer-aided dietary assessment, in Proceedings of International Conference on Smart Homes and Health Telematics, Springer, 2016, 37-48. doi: 10.1007/978-3-319-39601-9_4.
      C. Livadas, R. Walsh, D. Lapsley and W. T. Strayer, Usilng machine learning technliques to identify botnet traffic, in Proceedings of 2006 31st IEEE Conference on Local Computer Networks, IEEE, 2006,967-974. doi: 10.1109/LCN.2006.322210.
      R. Lutolf, Smart home concept and the integration of energy meters into a home based system, in Proceedings of Seventh International Conference on Metering Apparatus and Tariffs for Electricity Supply, IET, 1992,277-278.
      A. Mahmoud , U. Rührmair , M. Majzoobi  and  F. Koushanfar , Combined modeling and side channel attacks on strong pufs, IACR Cryptology ePrint Archive, 2013 (2013) , p632.. 
      S. Majumdar, Y. Jarraya, M. Oqaily, A. Alimohammadifar, M. Pourzandi, L. Wang and M. Debbabi, Leaps: Learning-based proactive security auditing for clouds, in Proceedings of European Symposium on Research in Computer Security, Springer, 2017,265-285. doi: 10.1007/978-3-319-66399-9_15.
      R. McCoppin and M. Rizki, Deep learning for image classification, in SPIE Defense+ Security, International Society for Optics and Photonics, 2014,90790T-90790T.
      E. C. McLaughlin, Alexa, what other devices are listening to me?, http://edition:cnn:com/2017/01/12/tech/voice-technology-internet-of-things-privacy/index:html.
      T. Oluwafemi, T. Kohno, S. Gupta and S. Patel, Experimental security analyses of nonnetworked compact fluorescent lamps: A case study of home automation security, in Proceedings of LASER, 2013, 13-24.
      L. Pang, I. Tchoudovski, A. Bolz, M. Braecklein, K. Egorouchkina and W. Kellermann, Real time heart ischemia detection in the smart home care system, in Proceedings of 27th Annual International Conference of the Engineering in Medicine and Biology Society (IEEE-EMBS 2005), IEEE, 2006,3703-3706. doi: 10.1109/IEMBS.2005.1617286.
      N. Papernot, P. McDaniel, A. Sinha and M. Wellman, Towards the science of security and privacy in machine learning, arXiv preprint, arXiv: 1611.03814.
      M. Parkhi, A. Vedaldi and A. Zisserman, Deep face recognition, in Proceedings of British machine vision conference (BMVC), 1 (2015), 6pp. doi: 10.5244/C.29.41.
      A. Rahmati, E. Fernandes, K. Eykholt, X. Chen and A. Prakash, Heimdall: A privacyrespecting implicit preference collection framework, in Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services, ACM, 2017,453-463. doi: 10.1145/3081333.3081334.
      B. Rashidi, C. Fung, A. Nguyen and T. Vu, Android permission recommendation using transitive bayesian inference model, in Proceedings of European Symposium on Research in Computer Security, Springer, 2016,477-497. doi: 10.1007/978-3-319-45744-4_24.
      S. Roy, J. DeLoach, Y. Li, N. Herndon, D. Caragea, X. Ou, V. P. Ranganath, H. Li and N. Guevara, Experimental study with real-world data for android app security analysis using machine learning, in Proceedings of the 31st Annual Computer Security Applications Conference, ACM, 2015, 81-90. doi: 10.1145/2818000.2818038.
      U. Rüshrmair, F. Sehnke, J. Sölter, G. Dror, S. Devadas and J. Schmidhuber, Modeling attacks on physical unclonable functions, in Proceedings of the 17th ACM conference on Computer and communications security, ACM, 2010,237-249.
      U. Rührmair , J. Sölter , F. Sehnke , X. Xu , A. Mahmoud , V. Stoyanova , G. Dror , J. Schmidhuber , W. Burleson  and  S. Devadas , Puf modeling attacks on simulated and silicon data, IEEE Transactions on Information Forensics and Security, 8 (2013) , 1876-1891. 
      M. S. Shahriar and M. S. Rahman, Urban sensing and smart home energy optimisations: A machine learning approach, in Proceedings of the 2015 International Workshop on Internet of Things towards Applications, ACM, 2015, 19-22.
      F. Siegemund , A context-aware communication platform for smart objects, Lecture notes in computer science, (2004) , 69-86.  doi: 10.1007/978-3-540-24646-6_5.
      K. Simonyan and A. Zisserman, Very deep convolutional networks for large-scale image recognition, arXiv: 1409.1556.
      R. Sommer and V. Paxson, Outside the closed world: On using machine learning for network intrusion detection, in Proceedings of 2010 IEEE Symposium on Security and Privacy (SP), IEEE, 2010,305-316. doi: 10.1109/SP.2010.25.
      I. Strategy and P. Unit, Itu internet reports 2005: The internet of things, Geneva: International Telecommunication Union (ITU).
      A. van Berlo, A. Bob, E. Jan, F. Klaus, H. Maik and W. Charles, Design Guidelines on Smart Homes, A COST 219bis Guidebook (October 1999).
      D. Ventura, D. Casado-Mansilla, J. López-de Armentia, P. Garaizar, D. López-de Ipina and V. Catania, Ariima: A real iot implementation of a machine-learning architecture for reducing energy consumption, in Proceedings of International Conference on Ubiquitous Computing and Ambient Intelligence, Springer, 2014,444-451. doi: 10.1007/978-3-319-13102-3_72.
      Y. Wang , Z. Cai , G. Yin , Y. Gao , X. Tong  and  G. Wu , An incentive mechanism with privacy protection in mobile crowdsourcing systems, Computer Networks, 102 (2016) , 157-171.  doi: 10.1016/j.comnet.2016.03.016.
      S. Wüller, U. Meyer, F. F¨org and S. Wetzel, Privacy-preserving conditional random selection, in Proceedings of 2015 13th Annual Conference on Privacy, Security and Trust (PST), IEEE, 2015, 44-53.
      T. Xu, J. B. Wendt and M. Potkonjak, Security of iot systems: Design challenges and opportunities, in Proceedings of the 2014 IEEE/ACM International Conference on Computer-Aided Design, IEEE Press, 2014,417-423. doi: 10.1109/ICCAD.2014.7001385.
      T. Yu, V. Sekar, S. Seshan, Y. Agarwal and C. Xu, Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the internet-of-things, in Proceedings of the 14th ACM Workshop on Hot Topics in Networks, ACM, 2015, Article No. 5. doi: 10.1145/2834050.2834095.
      G. Zhang, C. Yan, X. Ji, T. Zhang, T. Zhang and W. Xu, Dolphinatack: Inaudible voice commands, arXiv: 1708.09537.
      L. Zhang , Z. Cai  and  X. Wang , Fakemask: A novel privacy preserving approach for smartphones, IEEE Transactions on Network and Service Management, 13 (2016) , 335-348.  doi: 10.1109/TNSM.2016.2559448.
      Q. Zhang and B. Li, Discriminative k-svd for dictionary learning in face recognition, in Proceedings of 2010 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), IEEE, 2010,2691-2698. doi: 10.1109/CVPR.2010.5539989.
      Y. Zhang, A. Juels, M. K. Reiter and T. Ristenpart, Cross-vm side channels and their use to extract private keys, in Proceedings of the 2012 ACM conference on Computer and communications security, ACM, 2012,305-316.
      X. Zheng , Z. Cai , J. Yu , C. Wang  and  Y. Li , Follow but no track: Privacy preserved profile publishing in cyber-physical social systems, IEEE Internet of Things Journal, 4 (2017) , 1868-1878.  doi: 10.1109/JIOT.2017.2679483.
      H. Zhou , K. M. Hou  and  D.-C. Zuo , Real-time automatic ecg diagnosis method dedicated to pervasive cardiac care, Wireless Sensor Network, 1 (2009) , 276-283.  doi: 10.4236/wsn.2009.14034.
  • 加载中




Article Metrics

HTML views(10993) PDF downloads(2697) Cited by(0)

Access History

Other Articles By Authors



    DownLoad:  Full-Size Img  PowerPoint