IoTGaze: IoT Security Enforcement via Wireless Context Analysis

TL;DR

IoTGaze is a novel framework that analyzes encrypted wireless traffic to detect anomalies and vulnerabilities in IoT systems by understanding event dependencies and user expectations.

Contribution

This work introduces IoTGaze, a wireless traffic analysis framework that identifies IoT security issues from a new perspective, focusing on wireless context rather than platform or app analysis.

Findings

Effectively detects anomalies in IoT wireless traffic

Identifies vulnerabilities caused by inter-app interactions

Demonstrates high accuracy on Samsung SmartThings platform

Abstract

Internet of Things (IoT) has become the most promising technology for service automation, monitoring, and interconnection, etc. However, the security and privacy issues caused by IoT arouse concerns. Recent research focuses on addressing security issues by looking inside platform and apps. In this work, we creatively change the angle to consider security problems from a wireless context perspective. We propose a novel framework called IoTGaze, which can discover potential anomalies and vulnerabilities in the IoT system via wireless traffic analysis. By sniffing the encrypted wireless traffic, IoTGaze can automatically identify the sequential interaction of events between apps and devices. We discover the temporal event dependencies and generate the Wireless Context for the IoT system. Meanwhile, we extract the IoT Context, which reflects user's expectation, from IoT apps' descriptions and user interfaces. If the wireless context does not match the expected IoT context, IoTGaze reports an anomaly. Furthermore, IoTGaze can discover the vulnerabilities caused by the inter-app interaction via hidden channels, such as temperature and illuminance. We provide a proof-of-concept implementation and evaluation of our framework on the Samsung SmartThings platform. The evaluation shows that IoTGaze can effectively discover anomalies and vulnerabilities, thereby greatly enhancing the security of IoT systems.