# Privacy Leakage in Smart Homes and Its Mitigation: IFTTT as a Case Study

**Authors:** Rixin Xu, Qiang Zeng, Liehuang Zhu, Haotian Chi, Mohsen Guizani

arXiv: 1902.03168 · 2019-02-15

## TL;DR

This paper examines privacy leakage risks in smart home platforms like IFTTT, demonstrating how user behavior can be inferred and proposing a Filter-and-Fuzz mitigation method to protect user privacy.

## Contribution

It identifies privacy risks in IFTTT and introduces a novel Filter-and-Fuzz approach to prevent behavior pattern recognition.

## Key findings

- F&F effectively prevents IFTTT from recognizing user behavior patterns
- The study highlights significant privacy risks in popular smart home platforms
- Proposed mitigation reduces information leakage without compromising automation functionality

## Abstract

The combination of smart home platforms and automation apps introduces much convenience to smart home users. However, this also brings the potential for privacy leakage. If a smart home platform is permitted to collect all the events of a user day and night, then the platform will learn the behavior patterns of this user before long. In this paper, we investigate how IFTTT, one of the most popular smart home platforms, has the capability of monitoring the daily life of a user in a variety of ways that are hardly noticeable. Moreover, we propose multiple ideas for mitigating privacy leakages, which altogether forms a Filter-and-Fuzz (F&F) process: first, it filters out events unneeded by the IFTTT platform; then, it fuzzes the values and frequencies of the remaining events. We evaluate the F&F process, and the results show that the proposed solution makes IFTTT unable to recognize any of the user's behavior patterns.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1902.03168/full.md

## Figures

14 figures with captions in the complete paper: https://tomesphere.com/paper/1902.03168/full.md

## References

43 references — full list in the complete paper: https://tomesphere.com/paper/1902.03168/full.md

---
Source: https://tomesphere.com/paper/1902.03168