Explore a comprehensive security analysis of emerging smart home programming frameworks in this 20-minute IEEE conference talk. Delve into the potential security risks associated with third-party app development for smart home platforms, focusing on Samsung's SmartThings ecosystem. Discover the findings from a static source code analysis of 499 SmartApps and 132 device handlers, revealing significant design flaws and overprivilege issues. Learn about four proof-of-concept attacks that exploit these vulnerabilities, including planting and stealing door lock codes, disabling vacation mode, and triggering false alarms. Gain valuable insights into the security implications of smart home technologies and understand the lessons learned for designing more secure smart home programming frameworks in the future.
Overview
Syllabus
Security Analysis of Emerging Smart Home Applications
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
It's up to the Consumer to be Smart - Understanding the Security and Privacy Attitudes of Smart Home Users on Reddit
-
Characterizing Everyday Misuse of Smart Home Devices
-
Delay Wreaks Havoc on Your Smart Home - Delay-based Automation Interference Attacks
-
I Don't Own the Data - End User Perceptions of Smart Home Device Data Practices and Risks
-
Understanding and Improving Security and Privacy in Multi-User Smart Homes - A Design Exploration and In-Home User Study
-
DeepCASE - Semi-Supervised Contextual Analysis of Security Events
