Cross-App Interference Threats in Smart Homes: Categorization, Detection and Handling

TL;DR

This paper identifies a new class of security and privacy threats in smart home IoT platforms caused by app interactions, and proposes HOMEGUARD, a system that detects and mitigates these Cross-App Interference threats.

Contribution

The work introduces the concept of Cross-App Interference threats in IoT smart homes and develops HOMEGUARD to detect and handle these threats systematically.

Findings

HOMEGUARD effectively detects CAI threats in SmartThings.

Many CAI threat instances were found in the SmartThings app repository.

HOMEGUARD is precise, effective, and efficient in threat detection.

Abstract

A number of Internet of Things (IoTs) platforms have emerged to enable various IoT apps developed by third-party developers to automate smart homes. Prior research mostly concerns the overprivilege problem in the permission model. Our work, however, reveals that even IoT apps that follow the principle of least privilege, when they interplay, can cause unique types of threats, named Cross-App Interference (CAI) threats. We describe and categorize the new threats, showing that unexpected automation, security and privacy issues may be caused by such threats, which cannot be handled by existing IoT security mechanisms. To address this problem, we present HOMEGUARD, a system for appified IoT platforms to detect and cope with CAI threats. A symbolic executor module is built to precisely extract the automation semantics from IoT apps. The semantics of different IoT apps are then considered collectively to evaluate their interplay and discover CAI threats systematically. A user interface is presented to users during IoT app installation, interpreting the discovered threats to help them make decisions. We evaluate HOMEGUARD via a proof-of-concept implementation on Samsung SmartThings and discover many threat instances among apps in the SmartThings public repository. The evaluation shows that it is precise, effective and efficient.