A Redundancy-based Security Model for Smart Home

Recent developments in smart devices, Cloud Computing and Internet of Things (IoT) are introducing network of intelligent devices. These intelligent devices can be used to develop smart home network. The home appliance in a smart home forms an ad-hoc network. A smart home network architecture can be exploited by compromising the devices it is made up of. Various malicious activities can be performed through such exploitation. This paper presents a security approach to combat this. By using a collaborative and redundant security approach, the ad-hoc network of a smart home would be able to prevent malicious exploitation. The security approach discussed in this paper is a conceptual representation on the proposed security model for smart home networks

Firmware enhancements for BYOD-aware network security

In today’s connected world, users migrate within a complex set of networks, including, but not limited to, 3G and 4G (LTE) services provided by mobile operators, Wi-Fi hotspots in private and public places, as well as wireless and/or wired LAN access in business and home environments. Following the widely expanding Bring Your Own Device (BYOD) approach, many public and educational institutions have begun to encourage customers and students to use their own devices at all times. While this may be cost-effective in terms of decreased investments in hardware and consequently lower maintenance fees on a long-term basis, it may also involve some security risks. In particular, many users are often connected to more than one network and/or communication service provider at the same time, for example to a 3G/4G mobile network and to a Wi-Fi. In a BYOD setting, an infected device or a rogue one can turn into an unwanted gateway, causing a security breach by leaking information across networks. Aiming at investigating in greater detail the implications of BYOD on network security in private and business settings we are building a framework for experiments with mobile routers both in home and business networks. This is a continuation of our earlier work on communications and services with enhanced security for network appliances

IoT Sentinel: Automated Device-Type Identification for Security Enforcement in IoT

With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack mechanisms for firmware updates or patches that can help eliminate security vulnerabilities. Securing networks where the presence of such vulnerable devices is given, requires a brownfield approach: applying necessary protection measures within the network so that potentially vulnerable devices can coexist without endangering the security of other devices in the same network. In this paper, we present IOT SENTINEL, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise. We show that IOT SENTINEL is effective in identifying device types and has minimal performance overhead

A Survey of Lightweight Cryptosystems for Smart Home Devices

A Smart Home uses interconnected network technology to monitor the environment, control the various physical appliances, and communicate with each other in a close environment. A typical smart home is made up of a security system, intercommunication system, lighting system, and ventilation system.  Data security schemes for smart homes are ineffective due to inefficiency cryptosystems, high energy consumption, and low exchange security. Traditional cryptosystems are less-applicable because of their large block size, large key size, and complex rounds. This paper conducts a review of smart homes, and adopts Ultra-Sooner Lightweight Cryptography to secure home door. It provides extensive background of cryptography, forms of cryptography as associated issues and strengths, current trends, smart home door system design, and future works suggestions. Specifically, there are prospects of utilizing XORed lightweight cryptosystem for developing encryption and decryption algorithms in smart home devices. The Substitution Permutation Network, and Feistel Network cryptographic primitives were most advanced forms of cipher operations with security guarantees. Therefore, better security, memory and energy efficiency can be obtained with lightweight ciphers in smart home devices when compared to existing solutions. In the subsequent studies, a blockchain-based lightweight cryptography can be the next springboard in attaining the most advanced security for smart home systems and their appliances.     &nbsp

A Security Threat Analysis of Smart Home Network with Vulnerable Dynamic Agents

This chapter presents a security analysis of a smart home network containing vulnerable dynamic agents in the form of smart toys. As a case study, a smart toy is used as an example of an Internet of Things (IoT) device which could be potentially used as a vector into the smart home network. This chapter discusses a threat model for smart home security with a focus on the smart toy as an entry point into the network and what a threat actor could potentially achieve through this relatively new type of threat to the home

Secure Data Provenance in Home Energy Monitoring Networks

Smart grid empowers home owners to efficiently manage their smart home appliances within a Home Area Network (HAN), by real time monitoring and fine-grained control. However, it offers the possibility for a malicious user to intrude into the HAN and deceive the smart metering system with fraudulent energy usage report. While most of the existing works have focused on how to prevent data tampering in HAN's communication channel, this paper looks into a relatively less studied security aspect namely data provenance. We propose a novel solution based on Shamir's secret sharing and threshold cryptography to guarantee that the reported energy usage is collected from the specific appliance as claimed at a particular location, and that it reflects the real consumption of the energy. A byproduct of the proposed security solution is a guarantee of data integrity. A prototype implementation is presented to demonstrate the feasibility and practicality of the proposed solution