Threat Modelling in Virtual Assistant Hub Devices Compared With User Risk Perceptions (2021)

TL;DR

This paper compares different threat modeling approaches for virtual assistant hub devices, finding that combining STRIDE and LINDUNN GO effectively helps communicate security threats to consumers.

Contribution

It evaluates and identifies the most suitable threat modeling methodologies for IoT devices, and prototypes a consumer education software tool.

Findings

STRIDE and LINDUNN GO combination is optimal for threat elucidation.

The prototype software effectively engages and educates consumers.

Different threat models vary in applicability depending on industry time constraints.

Abstract

Despite increasing uptake, there are still many concerns as to the security of virtual assistant hubs (such as Google Nest and Amazon Alexa) in the home. Consumer fears have been somewhat exacerbated by widely-publicised privacy breaches, and the continued prevalence of high-profile attacks targeting IoT networks. Literature suggests a considerable knowledge gap between consumer understanding and the actual threat environment; furthermore, little work has been done to compare which threat modelling approach(es) would be most appropriate for these devices, in order to elucidate the threats which can then be communicated to consumers. There is therefore an opportunity to explore different threat modelling methodologies as applied to this context, and then use the findings to prototype a software aimed at educating consumers in an accessible manner. Five approaches (STRIDE, CVSS, Attack Trees (a.k.a. Threat Trees), LINDUNN GO, and Quantitative TMM) were compared as these were determined to be either the most prominent or potentially applicable to an IoT context. The key findings suggest that a combination of STRIDE and LINDUNN GO is optimal for elucidating threats under the pressures of a tight industry deadline cycle (with potential for elements of CVSS depending on time constraints), and that the trialled software prototype was effective at engaging consumers and educating about device security. Such findings are useful for IoT device manufacturers seeking to optimally model threats, or other stakeholders seeking ways to increase information security knowledge among consumers.