22 research outputs found
Privacy Preserving Threat Hunting in Smart Home Environments
The recent proliferation of smart home environments offers new and
transformative circumstances for various domains with a commitment to enhancing
the quality of life and experience. Most of these environments combine
different gadgets offered by multiple stakeholders in a dynamic and
decentralized manner, which in turn presents new challenges from the
perspective of digital investigation. In addition, a plentiful amount of data
records got generated because of the day to day interactions between these
gadgets and homeowners, which poses difficulty in managing and analyzing such
data. The analysts should endorse new digital investigation approaches to
tackle the current limitations in traditional approaches when used in these
environments. The digital evidence in such environments can be found inside the
records of logfiles that store the historical events occurred inside the smart
home. Threat hunting can leverage the collective nature of these gadgets to
gain deeper insights into the best way for responding to new threats, which in
turn can be valuable in reducing the impact of breaches. Nevertheless, this
approach depends mainly on the readiness of smart homeowners to share their own
personal usage logs that have been extracted from their smart home
environments. However, they might disincline to employ such service due to the
sensitive nature of the information logged by their personal gateways. In this
paper, we presented an approach to enable smart homeowners to share their usage
logs in a privacy preserving manner. A distributed threat hunting approach has
been developed to permit the composition of diverse threat classes without
revealing the logged records to other involved parties. Furthermore, a scenario
was proposed to depict a proactive threat Intelligence sharing for the
detection of potential threats in smart home environments with some
experimental results.Comment: In Proc. the International Conference on Advances in Cyber Security,
Penang, Malaysia, July 201