On the Feasibility of Reasoning about the Internal States of Blackbox IoT Devices Using Side-Channel Information

TL;DR

This paper demonstrates that side-channel information can be used to infer the internal states of black-box IoT devices, enabling users to understand device behavior despite security measures.

Contribution

It introduces a multi-model sensing technique and an annotation interface to facilitate reasoning about IoT device states from side-channel data.

Findings

False positive rate of 1.44% in state probing for open-source devices

Participants took an average of 19.8 minutes to reason about device states

Prototype successfully applied to both open-source and commercial IoT devices

Abstract

Internet of Things (IoT) devices are typically designed to function in a secure, closed environment, making it difficult for users to comprehend devices' behaviors. This paper shows that a user can leverage side-channel information to reason fine-grained internal states of black box IoT devices. The key enablers for our design are a multi-model sensing technique that fuses power consumption, network traffic, and radio emanations and an annotation interface that helps users form mental models of a black box IoT system. We built a prototype of our design and evaluated the prototype with open-source IoT devices and black-box commercial devices. Our experiments show a false positive rate of 1.44% for open-source IoT devices' state probing, and our participants take an average of 19.8 minutes to reason the internal states of black-box IoT devices.