Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective
Abstract
:1. Introduction
- Comparing and analyzing the cyberspace layers and IoT environment.
- Connecting with the cyberspace layer to identify possible threats to IoT devices in a smart home.
- Proposing a framework for risk assessment of IoT devices in a smart home environment.
2. Scalability of Cyber Threats
2.1. IoT Layered Architecture and Cyber Threat
- Perception Layer: This layer, also called the sensor layer, is responsible for the identification of objects and collection of information about objects. RFID, 2-D barcodes, and various types of sensors for object recognition are attached to the things. The information collected by these sensors varies in location, atmosphere, environment, motion, and vibration. These sensors can be used as a tool to unauthorisedly monitor privacy by an attacker.
- Network Layer: This layer connects the perception layer and application layer. In other words, this layer is responsible for the transfer of data collected in the perception layer to other connected devices through a communication channel. The transmission medium may be wired or wireless (Wi-Fi, Bluetooth, Zigbee, cellular network, etc.). The connectivity of IoT devices is vulnerable to transfer malware and network attacks such as denial of service.
- Processing Layer: This layer collects and processes the information transmitted from the network layer. It is responsible for removing meaningless extra information and extracting useful information. This layer can affect the performance of the IoT when a large amount of information is received.
- Application Layer: This layer uses IoT technology or defines all applications implemented to IoT. IoT can be implemented in smart homes, smart cities, and smartphones, which controls them. Because the services provided depend on the information collected by the sensors, they may be different for each application. Especially when IoT is used in a smart home, various internal and external threats and vulnerabilities can occur.
- Business Layer: The business layer represents the intended behavior of the application. This layer is responsible for managing and controlling the application, business, and revenue models of IoT and manages user’s personal information. This layer of vulnerability could allow an attacker to misuse the application.
2.2. Connection between Cyberspace and Real World
- Perception (Sensing)—Physical or Geographic Layer: The main purpose of Perception is to identify the phenomenon and change in the device environment based on various sensors and consequently collect data from the real world. These motion, environment, and position sensors are physically located and can be connected to the physical layer. The position sensors are also used as a tool to measure geographical locations.
- Network—Logical Layer: Sensors in IoT devices are integrated through a sensor hub, which uses transport mechanisms such as Inter-Integrated Circuit (I2C) or Serial Peripheral Interface (SPI) to ensure data flow between sensors and applications. The network component of IoT is responsible for transferring the data collected through sensors to other connected devices. These components are similar in concept to the logical layer because they logically connect nodes in cyberspace. Various technologies such as Wi-Fi, Bluetooth, and Zigbee are used to connect data flows between different devices.
- Processing—Machine Language or OS Layer: Processing component consists of the main data processing unit of an IoT device. This configuration corresponds to the machine language layer. In addition, processing performs the decision-making analysis through the data collected from sensors. IoT devices such as smart home hubs serve to improve the user experience by storing the analysis results. Because the OS is essential for the execution of this analysis, it can be connected to the OS layer.
- Application—Application Layer: The application component is responsible for implementing and presenting the results of data processing to perform different applications through IoT devices. The application is a user-oriented layer that performs various tasks for the user and serves as the application layer of the cyber ecosystem. IoT devices can be implemented in smart homes, personal hygiene, and healthcare.
- Business—Real World: A business represents the intended behavior of an application and is closely related to the real world in terms of managing the user’s personal information. However, it is difficult to provide proper security through a sensor management system and security system, which have strong software tendency. The sensor data captured by a malicious attacker may be processed and cause problems such as leakage of personal information and unauthorised privacy monitoring.
3. Risk Assessment Approach Using Factor Analysis of Information Risk (FAIR)
- Threat Event Frequency (TEF):TEF indicates the frequency with which a threat agent is likely to act on an asset within a specified period. Similar to the definition of LEF, this factor does not reflect the success of an attack by a threat agent. The TEF is measured by contact and action factors, where the action against the attack is based on the contact by the threat agent. Contact factor means the frequency with which a threat agent is likely to contact an asset within a certain period, and is classified into random, regular, and intentional. The factors that determine the probability of this contact factor are the size of the threat, number of threats in contact, size of the asset, activity of the threat, flexibility of the threat, and relationship between the threat and asset. Action refers to the probability that an actual attack will be carried out on an asset that it owns in the event of a threat agent’s contact. The precondition for the action is that the threat agent who can think of is caused by a threat agent intentionally created such as a malicious program. Measures related to these actions include asset value, level of effort, and the probability of detecting threats and experiencing unacceptable consequences.
- Vulnerability (VUL):VUL is the probability that the acquired assets cannot resist the threat agent’s behavior. Vulnerability exists owing to the difference between the capability of the threat agent and that of the asset to resist the capability. This implies that vulnerability is relative to the attack method or type of threat. These VULs are calculated as a combination of threat capability (TCap) and control strength (CS). TCap is the ability of the threat agent to negatively affect the asset. TCap does not equally generate all threats. Therefore, the threat agent does not perform the same functions. In addition, the value of TCap may be higher for an attack target where a threat agent is set but it may be incompetent for other objects. CS is the resistance strength of the acquired assets when compared to the measured threats. These CSs are divided into three types: policies, processes, and techniques. When a small number of controls are set, the probability values of each control can be independently calculated.
- Primary Loss (PL):PL consists of primary loss event frequency (PLEF) and primary loss magnitude (PLM). PLEF is an element of actions that a threat agent performs on an asset and consists of access, misuse, disclose, modify, and deny access. The intent of the threat agent is largely determined by the motivation (e.g., financial gains, revenge, etc.) and nature of the asset, and the magnitude of the loss depends on the location of the threat agent (outside or inside the organization). PLEF broadcasts threat competence, which is a characteristic that can cause damage. PLM consists of a combination of criticality, cost, and sensitivity. Criticality refers to the nature of assets that causes an impact on the productivity of the organization. Cost indicates the cost of responding to an asset when it is damaged by an attack. Sensitivity refers to the degree of damage that can result from unintended exposure and reflects qualitative measurements such as reputation, competitive advantage, and legal/regulatory proceedings.
- Secondary Loss (SL):SL is the loss caused by the external characteristics of an environment when a threat event occurs. SL is measured by a combination of secondary loss event frequency (SLEF) and secondary loss magnitude (SLM). SLEF is measured considering the timing, due diligence, response, and detection. Threat events result in a direct loss owing to the importance of the asset and inherent value characteristics but SLEF is based on changes in the external environment. SLM reflects changes in the legal and regulatory landscape, competitive landscape, media, and external stakeholder. When cyberattacks lead to social disruption, various indicators of each factor are reflected.
4. Risk Assessment and Situation Awareness in IoT Environment
4.1. Research on Risk Assessment in the IoT Environment
4.2. SA in Cyberspace
5. Risk Measurement of Information Leakage in IoT Environment from the Viewpoint of SA
5.1. IoT Environment Awareness For Identification of Threats and Assets
- Keystroke Inference Attack: Keystroke inference is a common threat that can occur in IoT equipment. Most commercially available IoT devices comprise input devices such as touch screens, touch pads, and keyboards. When the user enters an ID, password, or word into the device, the device tilts and rotates to create a deviation of the data in the sensor (e.g., accelerometer, gyroscope, audio, light sensor, etc.) for each instance. An attacker can use this deviation of sensor data to infer a keystroke. Keystroke inference attacks can be made on IoT devices but they can also affect nearby devices. For example, putting the smartphone on a desk with a keyboard.
- Task Inference Attack: Task inference is a type of attack that infers information about an ongoing task or application on an IoT device. An attacker exploiting this inference attack can bypass the security policy implemented on the device and replicate the device state. The installed sensor in IoT device records the deviation of data values for various tasks being performed on the device. An attacker can use these values to infer execution processes and applications within the appliance.
- Location Inference Attack: The location inference is a location-privacy attack based on an acoustic side-channel. This inference attack utilizes acoustic information propagated in the nearest environment or space. This attack utilizes the acoustic reflection pattern of the voice at the user’s location and does not depend on the characteristic background noise. If the attacker can control IoT devices, they can identify personal information such as the user’s home or work location [34].
- Eavesdropping: IoT devices such as AI speakers use an audio sensor for dialing and receiving voice commands and other features. When a malicious application is installed on such IoT devices, it is possible to eavesdrop to record and extract the content and information of the conversation through such an audio sensor. Typical attacks that implement eavesdropping are Soundcomber and voice assistant applications. In this case, a malicious application uses an IoT device sensor to secretly record the user’s conversation [35]. Users are vulnerable to attack because the recording application runs in the background of the device. For example, when talking to a financial company such as a bank or a credit card company, a person may be exposed to threats if they reveal their personal information such as credit card or social security number. A malware that uses a voice assistant application can be used for a variety of malicious activities such as voice command duplication and information transmission. It can be controlled through SMS and Wi-Fi external control channel [36].
5.2. Risk Awareness to Set the Criteria for the Grades
5.3. Decision Awareness for Optimization
6. Results
6.1. Identify Asset and Threat in Smart Home
6.2. Risk Measurement for Decision Making on IoT-based Smart Home
6.2.1. Threat Measurement for Smart Home
- Threat Event Frequency (TEF) for IoT Devices: TEF is measured by a combination of contact and action. Contact is the frequency with which the threat agent tries to access the asset to be attacked and action is the possibility that the threat agent performs an attack against the attacked object. This study assumes that the contact has occurred because it uses the attack method to deduce the personal information by collecting data about the sensors included in the device. In other words, because there is a limit to obtain permission for various IoT devices, this study reflected the average of the accuracy of other studies when the inference attack was successful (see Table 3). The threat to Scenario 1 is the keystroke inference and eavesdropping that can occur with motion sensors (accelerometer, gravity, gyroscope, and audio sensors.) The threat of Scenario 2 is location inference and eavesdropping, so GPS sensor, motion sensors, It is based on the probability of inference. Scenario 3 occurs at the location reference, which is exposed to threats through environmental sensors and magnetic sensors. Scenario 4 is a threat to understanding the structure of a home, so eavesdropping and task inference attacks are used. This can be represented by a combination of the accuracy of the information inference of camera sensors, light sensors, and audio sensors. Since Scenario 5 is an unauthorised surveillance threat, threats can be quantified by the probability of inference through camera sensors. Scenario 6 is the combination of the inference probabilities of the position sensors with the threat of confirming whether the resident’s home location is located by location inference and task inference.
- Vulnerabilities (VUL) of IoT Devices: VUL is measured as a combination of threat capability (TCap) and control strength (CS), which indicates difficulty in successful attacks. Given the collection of sensor data and information leakage, it should reflect the vulnerability defined as “CWE 264” implying “gain privilege” [64]. Therefore, this study utilized the common vulnerability scoring system (CVSS) because it can generalize scores for vulnerabilities across software and hardware platforms and enable uniform vulnerability management policies. In addition, the CVSS score can be represented by the TCap of the FAIR because the attack vector, confidentiality impact, integrity impact, availability impact, exploit code maturity, and remediation level are considered in the process of calculating the lower equation. Because CS is a factor indicating the difficulty of attack, it is set to the price of the exploit traded in “Zerodium”. The reason for selecting CS for this price is that the higher the price of the exploit, the more difficult it is to find and use the vulnerability. In this study, CS was set as an index from 0 to 10 using the prices for exploits that can collect sensor data among transaction items (See Table 4) [65]. The vulnerabilities for each scenario are equally reflected by the combination of the CVSS Score defined as “CWE 264” and the exploit indicators traded at Zerodium. The reason for this is that we have exploited the vulnerability of privilege taking over IoT devices in terms of the probability distribution.
6.2.2. Damage Measurement to Assets of Smart Home
- Primary Loss (PL) to Data Breach in Smart Home: This paper assumes the leakage of sensor data collected from IoT devices in a smart home. In this case, the threat competence constituting the PLEF is the number of leaked data, and PLM is a combination of criticality, cost, and sensitivity, which is a direct economic loss caused by the threat. This PL data is equal to the risk level measured in the “Breach Level Index”. This study collected the data of “Other”, which represents the outflow of general information in the data breach, and used it as an indicator of PL. From 2016 to 2018, we used risk data for information leakage from three countries (United States, United Kingdom, Australia) that suffered the most data leakage (See Figure 6) [66].
- Secondary Loss (SL) against Social Disruption: In most cases of information leaks, organizations responsible for information management are subject to legal liability or public criticism. However, this legal responsibility and the level of public criticism are linked to whether the policy system is structured systematically. In other words, for information leakage events, government functionality, civil liberty, and political participation can be used as factors affecting secondary loss. Since SLEF considers timing, due diligence, response, and detection, it relates to the government functionalities corresponding to information leakage. With the case of SLM, it is associated with civil liberty and political participation in terms of including changes to the legal and regulatory landscape, competitive landscape, media, and external stakeholder. SLM was used as a civil liberty and political participation because it could suppress social confusion such as political participation or criticism of public opinion and public opinion. This study used government functionality, civil liberty and political participation among the national democracy indexes published in the “Economist” in setting SL (See Table 5) [67].
6.2.3. Risk Optimization for Decision-Making
7. Conclusions
Author Contributions
Funding
Acknowledgments
Conflicts of Interest
References
- Arsénio, A.; Serra, H.; Francisco, R.; Nabais, F.; Andrade, J.; Serrano, E. Internet of intelligent things: Bringing artificial intelligence into things and communication networks. In Inter-Cooperative Collective Intelligence: Techniques and Applications; Springer: Berlin, Germany, 2014; pp. 1–37. [Google Scholar]
- Durden, T. Wikileaks Unveils ‘Vault 7’: “The Largest Ever Publication Of Confidential CIA Documents”; Another Snowden Emerges. Available online: https://www.zerohedge.com/news/2017-03-07/wikileaks-hold-press-conference-vault-7-release-8am-eastern (accessed on 31 March 2019).
- Burhan, M.; Rehman, R.; Khan, B.; Kim, B.S. IoT Elements, Layered Architectures and Security Issues: A Comprehensive Survey. Sensors 2018, 18, 2796. [Google Scholar] [CrossRef] [PubMed]
- Operations, C. Joint Publication 3-12 (R); Joint Chief of Staffs: Washington, DC, USA, 2013. [Google Scholar]
- Philip, R. Enabling Distributed Security in Cyberspace; Departament of Homeland Security: Washington, DC, USA, 2011.
- Jones, J. An introduction to factor analysis of information risk (fair). Norwich J. Inf. Assur. 2006, 2, 67. [Google Scholar]
- Dobson, I.; Hietala, J. Risk Management-The Open Group Guide; Van Haren Publishing (VHP): Berkshire, UK, 2011. [Google Scholar]
- Ali, B.; Awad, A. Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 2018, 18, 817. [Google Scholar] [CrossRef]
- Liu, C.; Zhang, Y.; Zeng, J.; Peng, L.; Chen, R. Research on Dynamical Security Risk Assessment for the Internet of Things inspired by immunology. In Proceedings of the 2012 8th International Conference on Natural Computation, Chongqing, China, 29–31 May 2012; pp. 874–878. [Google Scholar]
- Sicari, S.; Rizzardi, A.; Miorandi, D.; Coen-Porisini, A. A risk assessment methodology for the Internet of Things. Comput. Commun. 2018, 129, 67–79. [Google Scholar] [CrossRef]
- Chouhan, P.K.; McClean, S.; Shackleton, M. Situation Assessment to Secure IoT Applications. In Proceedings of the 2018 Fifth International Conference on Internet of Things: Systems, Management and Security, Valencia, Spain, 15–18 October 2018; pp. 70–77. [Google Scholar]
- Shivraj, V.; Rajan, M.; Balamuralidhar, P. A graph theory based generic risk assessment framework for internet of things (IoT). In Proceedings of the 2017 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), Bhubaneswar, India, 17–20 December 2017; pp. 1–6. [Google Scholar]
- Atamli, A.W.; Martin, A. Threat-based security analysis for the internet of things. In Proceedings of the 2014 International Workshop on Secure Internet of Things, Wroclaw, Poland, 10 September 2014; pp. 35–43. [Google Scholar]
- Wu, T.; Zhao, G. A novel risk assessment model for privacy security in internet of things. Wuhan Univ. J. Nat. Sci. 2014, 19, 398–404. [Google Scholar] [CrossRef]
- Nurse, J.R.; Creese, S.; De Roure, D. Security risk assessment in Internet of Things systems. IT Prof. 2017, 19, 20–26. [Google Scholar] [CrossRef]
- Heartfield, R.; Loukas, G.; Budimir, S.; Bezemskij, A.; Fontaine, J.R.; Filippoupolitis, A.; Roesch, E. A taxonomy of cyber-physical threats and impact in the smart home. Comput. Secur. 2018, 78, 398–428. [Google Scholar] [CrossRef]
- Ghirardello, K.; Maple, C.; Ng, D.; Kearney, P. Cyber security of smart homes: Development of a reference architecture for attack surface analysis. In Proceedings of the Living in the Internet of Things: Cybersecurity of the IoT, London, UK, 28–29 March 2018. [Google Scholar]
- Vitunskaite, M.; He, Y.; Brandstetter, T.; Janicke, H. Smart Cities and Cyber Security: Are We There Yet? A Comparative Study on the Role of Standards, Third Party Risk Management and Security Ownership. Comput. Secur. 2019, 83, 313–331. [Google Scholar] [CrossRef]
- Butun, I.; Pereira, N.; Gidlund, M. Security Risk Analysis of LoRaWAN and Future Directions. Future Internet 2019, 11, 3. [Google Scholar] [CrossRef]
- Salmon, P.; Stanton, N.; Walker, G.; Green, D. Situation awareness measurement: A review of applicability for C4i environments. Appl. Ergon. 2006, 37, 225–238. [Google Scholar] [CrossRef] [PubMed]
- Endsley, M.R. Toward a theory of situation awareness in dynamic systems. Hum. Factors 1995, 37, 32–64. [Google Scholar] [CrossRef]
- Parish, M.B.; Madahar, B. Understanding Cyberspace Through Cyber Situational Awareness; The Defence Science and Technology Laboratory: Wiltshire, UK, 2016.
- Okolica, J.; McDonald, J.T.; Peterson, G.L.; Mills, R.F.; Haas, M.W. Developing systems for cyber situational awareness. In Proceedings of the 2nd Cyberspace Research Workshop, Shreveport, LA, USA, 20 March 2009; p. 46. [Google Scholar]
- Tadda, G.P.; Salerno, J.S. Overview of cyber situation awareness. In Cyber Situational Awareness; Springer: Berlin, Germany, 2010; pp. 15–35. [Google Scholar]
- Evancich, N.; Lu, Z.; Li, J.; Cheng, Y.; Tuttle, J.; Xie, P. Network-wide awareness. In Cyber Defense and Situational Awareness; Springer: Berlin, Germany, 2014; pp. 63–91. [Google Scholar]
- Webb, J.; Ahmad, A.; Maynard, S.B.; Shanks, G. A situation awareness model for information security risk management. Comput. Secur. 2014, 44, 1–15. [Google Scholar] [CrossRef]
- Ruano, S.; Cuevas, C.; Gallego, G.; García, N. Augmented Reality Tool for the Situational Awareness Improvement of UAV Operators. Sensors 2017, 17, 297. [Google Scholar] [CrossRef] [PubMed]
- Vanveerdeghem, P.; Van Torre, P.; Stevens, C.; Knockaert, J.; Rogier, H. Synchronous wearable wireless body sensor network composed of autonomous textile nodes. Sensors 2014, 14, 18583–18610. [Google Scholar] [CrossRef]
- Zimbelman, E.G.; Keefe, R.F.; Strand, E.K.; Kolden, C.A.; Wempe, A.M. Hazards in motion: Development of mobile geofences for use in logging safety. Sensors 2017, 17, 822. [Google Scholar] [CrossRef] [PubMed]
- Park, M.; Seo, J.; Han, J.; Oh, H.; Lee, K. Situational awareness framework for threat intelligence measurement of android malware. J. Wirel. Mob. Netw. Ubiquitous Comput. Dependable Appl. (JoWUA) 2018, 9, 25–38. [Google Scholar]
- Park, M.; Han, J.; Oh, H.; Lee, K. Threat Assessment for Android Environment with Connectivity to IoT Devices from the Perspective of Situational Awareness. Wirel. Commun. Mob. Comput. 2019, 2019, 5121054. [Google Scholar] [CrossRef]
- Brenner, J. ISO 27001 risk management and compliance. Risk Manag. 2007, 54, 24–29. [Google Scholar]
- Sikder, A.K.; Petracca, G.; Aksu, H.; Jaeger, T.; Uluagac, A.S. A Survey on Sensor-based Threats to Internet-of-Things (IoT) Devices and Applications. arXiv 2018, arXiv:1802.02041. [Google Scholar]
- Petracca, G.; Marvel, L.M.; Swami, A.; Jaeger, T. Agility maneuvers to mitigate inference attacks on sensed location data. In Proceedings of the Military Communications Conference, Baltimore, MD, USA, 1–3 November 2016; pp. 259–264. [Google Scholar]
- Schlegel, R.; Zhang, K.; Zhou, X.y.; Intwala, M.; Kapadia, A.; Wang, X. Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones. NDSS 2011, 11, 17–33. [Google Scholar]
- Diao, W.; Liu, X.; Zhou, Z.; Zhang, K. Your voice assistant is mine: How to abuse speakers to steal information and control your phone. In Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, Scottsdale, AZ, USA, 3–7 November 2014; pp. 63–74. [Google Scholar]
- Han, J.; Pei, J.; Kamber, M. Data Mining: Concepts and Techniques; Elsevier: Amsterdam, The Netherlands, 2011; p. 451. [Google Scholar]
- Figueiredo, M.A.T.; Jain, A.K. Unsupervised learning of finite mixture models. IEEE Trans. Pattern Anal. Mach. Intell. 2002, 24, 381–396. [Google Scholar] [CrossRef]
- Reynolds, D. Gaussian mixture models. In Encyclopedia of Biometrics; Springer: Berlin, Germany, 2015; pp. 827–832. [Google Scholar]
- Mouton, F.; Leenen, L.; Venter, H.S. Social engineering attack examples, templates and scenarios. Comput. Secur. 2016, 59, 186–209. [Google Scholar] [CrossRef]
- Ali, W.; Dustgeer, G.; Awais, M.; Shah, M.A. IoT based smart home: Security challenges, security requirements and solutions. In Proceedings of the 2017 23rd International Conference on Automation and Computing (ICAC), Huddersfield, UK, 7–8 September 2017; pp. 1–6. [Google Scholar]
- Nawir, M.; Amir, A.; Yaakob, N.; Lynn, O.B. Internet of Things (IoT): Taxonomy of security attacks. In Proceedings of the 2016 3rd International Conference on Electronic Design (ICED), Phuket, Thailand, 11–12 August 2016; pp. 321–326. [Google Scholar]
- Jing, Q.; Vasilakos, A.V.; Wan, J.; Lu, J.; Qiu, D. Security of the Internet of Things: Perspectives and challenges. Wirel. Netw. 2014, 20, 2481–2501. [Google Scholar] [CrossRef]
- Geneiatakis, D.; Kounelis, I.; Neisse, R.; Nai-Fovino, I.; Steri, G.; Baldini, G. Security and privacy issues for an IoT based smart home. In Proceedings of the 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, Croatia, 22–26 May 2017; pp. 1292–1297. [Google Scholar]
- Tekeoglu, A.; Tosun, A.S. Investigating security and privacy of a cloud-based wireless IP camera: NetCam. In Proceedings of the 2015 24th International Conference on Computer Communication and Networks (ICCCN), Las Vegas, NV, USA, 3–6 August 2015; pp. 1–6. [Google Scholar]
- Michele, B.; Karpow, A. Using malicious media files to compromise the security and privacy of smart TVs. In Proceedings of the 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC), Las Vegas, NV, USA, 10–13 January 2014; pp. 1144–1145. [Google Scholar]
- Elkhodr, M.; Shahrestani, S.; Cheung, H. A review of mobile location privacy in the internet of things. In Proceedings of the 2012 Tenth International Conference on ICT and Knowledge Engineering, Bangkok, Thailand, 21–23 November 2012; pp. 266–272. [Google Scholar]
- Meng, H.; Thing, V.L.; Cheng, Y.; Dai, Z.; Zhang, L. A survey of Android exploits in the wild. Comput. Secur. 2018, 76, 71–91. [Google Scholar] [CrossRef]
- Maiti, A.; Jadliwala, M.; He, J.; Bilogrevic, I. Side-Channel Inference Attacks on Mobile Keypads using Smartwatches. IEEE Trans. Mob. Comput. 2018, 17, 2180–2194. [Google Scholar] [CrossRef]
- Michalevsky, Y.; Boneh, D.; Nakibly, G. Gyrophone: Recognizing Speech from Gyroscope Signals. In Proceedings of the USENIX Security Symposium, San Diego, CA, USA, 20–22 August 2014; pp. 1053–1067. [Google Scholar]
- Maiti, A.; Jadliwala, M.; He, J.; Bilogrevic, I. (Smart) watch your taps: side-channel keystroke inference attacks using smartwatches. In Proceedings of the 2015 ACM International Symposium on Wearable Computers, Osaka, Japan, 9–11 September 2015; pp. 27–30. [Google Scholar]
- Aviv, A.J.; Sapp, B.; Blaze, M.; Smith, J.M. Practicality of accelerometer side channels on smartphones. In Proceedings of the 28th Annual Computer Security Applications Conference, Orlando, FL, USA, 3–7 December 2012; pp. 41–50. [Google Scholar]
- Sarkisyan, A.; Debbiny, R.; Nahapetian, A. WristSnoop: Smartphone PINs prediction using smartwatch motion sensors. In Proceedings of the 2015 IEEE International Workshop on Information Forensics and Security (WIFS), Rome, Italy, 16–19 November 2015; pp. 1–6. [Google Scholar]
- Spreitzer, R. Pin skimming: Exploiting the ambient-light sensor in mobile devices. In Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, Scottsdale, AR, USA, 7 November 2014; pp. 51–62. [Google Scholar]
- Chakraborty, S.; Ouyang, W.; Srivastava, M. LightSpy: Optical eavesdropping on displays using light sensors on mobile devices. In Proceedings of the 2017 IEEE International Conference on Big Data (Big Data), Boston, MA, USA, 11–14 December 2017; pp. 2980–2989. [Google Scholar]
- Zhu, T.; Ma, Q.; Zhang, S.; Liu, Y. Context-free attacks using keyboard acoustic emanations. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, 3–7 November 2014; pp. 453–464. [Google Scholar]
- Halevi, T.; Saxena, N. A closer look at keyboard acoustic emanations: random passwords, typing styles and decoding techniques. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, Seoul, Korea, 2–4 May 2012; pp. 89–90. [Google Scholar]
- Lei, L.; Wang, Y.; Zhou, J.; Zha, D.; Zhang, Z. A threat to mobile cyber-physical systems: Sensor-based privacy theft attacks on Android smartphones. In Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Melbourne, Australia, 16–18 July 2013; pp. 126–133. [Google Scholar]
- Simon, L.; Anderson, R. Pin skimmer: Inferring pins through the camera and microphone. In Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, Berlin, Germany, 8 November 2013; pp. 67–78. [Google Scholar]
- Shukla, D.; Kumar, R.; Serwadda, A.; Phoha, V.V. Beware, your hands reveal your secrets! In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, 3–7 November 2014; pp. 904–917. [Google Scholar]
- Raguram, R.; White, A.M.; Goswami, D.; Monrose, F.; Frahm, J.M. iSpy: automatic reconstruction of typed input from compromising reflections. In Proceedings of the 18th ACM conference on Computer and Communications Security, Chicago, IL, USA, 17–21 October 2011; pp. 527–536. [Google Scholar]
- Vuagnoux, M.; Pasini, S. Compromising Electromagnetic Emanations of Wired and Wireless Keyboards. In Proceedings of the USENIX Security Symposium, Montreal, QC, Canada, 10–14 August 2009; pp. 1–16. [Google Scholar]
- Biedermann, S.; Katzenbeisser, S.; Szefer, J. Hard drive side-channel attacks using smartphone magnetic field sensors. In Proceedings of the International Conference on Financial Cryptography and Data Security, San Juan, Puerto Rico, 26–30 January 2015; pp. 489–496. [Google Scholar]
- NIST. CVSS Score. 2018. Available online: https://www.first.org/cvss/ (accessed on 31 March 2019 ).
- ZERODIUM. ZERODIUM Payouts for Mobiles. 2018. Available online: http://zerodium.com/program.html (accessed on 31 March 2019 ).
- Index, B.L. Data Breach Database. 2018. Available online: https://breachlevelindex.com/data-breach-database (accessed on 31 March 2019 ).
- EIU.com. Democracy Index—Economist Intelligence Unit. Available online: https://www.eiu.com/topic/democracy-index (accessed on 31 March 2019).
Sensor Type | Sensor | Description |
---|---|---|
Motion Sensors | Accelerometer | - Measure acceleration along the X, Y, and Z axes - Possible to check the speed change or strength of the mobile device |
Gravity | - Measures gravitational acceleration based on the X, Y, and Z-axes - Recognizes the horizontal or vertical direction and the upper and lower references | |
Gyroscope | - Measures the rotational speed for the X, Y, and Z-axes - Checks mobile device tilt or rotation | |
Environmental Sensors | Light sensor | - Measures light in - Used to adjust the screen brightness of the mobile device depending on the surrounding environment |
Temperature sensor | - Measures the ambient temperature - Sets or controls the temperature of the mobile device | |
Proximity sensor | - Measures the distance between the screen of the mobile device and the object to be measured without physical contact | |
Audio sensor | - Microphone: Detects acoustic signal - Speaker: Plays audio signal | |
Camera sensor | - Handles lighting intensity and ambiance for capturing photos and videos around mobile devices | |
Barometer sensor | - Pressure measurement of mobile device | |
Position Sensors | GPS sensor | - Uses GPS satellites to measure the current location and time of the mobile device |
Magnetic sensor | - Measures the azimuth using the Earth’s magnetic field, and applies it to compass applications |
Scenario | Asset | Possible Threats | Attack Methods |
---|---|---|---|
1 | User credentials | - Taking ID and password to a touchpad using a motion sensor - Acquisition of audio sensor data for identification and qualification | -Keystroke Inference -Eavesdropping |
2 | Mobile personal data | - Degradation of position information through GPS sensor - Password stealing through motion sensor - Tapping through audio sensors - Leaking the camera sensor to privacy information | -Keystroke Inference -Location Inference -Task Inference -Eavesdropping |
3 | Home status | - Confirmation of user through environment sensor and magnetic sensor | -Location Inference |
4 | Home structure | - Check the structure of the house through the camera sensor - Check the internal structure of the house through the wavelength recognized by the audio and light sensor | -Eavesdropping -Task Inference |
5 | Surveillance cameras | - Leaking privacy information through camera sensor | -Eavesdropping -Task Inference |
6 | Location tracking | - Using the GPS sensor to estimate the position of the inside of the house - Using the magnetic sensor to estimate the position of the inside of the house | -Location Inference -Task Inference |
Type of Sensor | Attackable Sensors | Possibility of Attack (Index of TEF) | Ref. |
---|---|---|---|
Motion Sensors | Accelerometer, Gravity Gyroscope | 0.762 (TEF: 7.62) | [49,50,51,52,53] |
Environmental Sensors | Light sensor | 0.825 (TEF: 8.25) | [54,55] |
Audio sensor | 0.805 (TEF: 8.05) | [36,56,57,58] | |
Camera sensor | 0.79 (TEF: 7.9) | [59,60,61] | |
Position Sensors | GPS sensor | 0.869 (TEF: 8.69) | [34] |
Magnetic sensor | 0.96 (TEF: 9.6) | [62,63] |
Price | Vulnerabilities | Index of Control Strength (CS) |
---|---|---|
Up to $500,000 | Email App RCE + LPE | 9.5 |
SMS/MMS RCE + LPE | 9.18 | |
Signal RCE + LPE | 8.22 | |
Viber RCE + LPE | 7.58 | |
Up to $1,500,00 | Chrome RCE + LPE | 6.94 |
Documents RCE + LPE | 6.62 | |
Media Files RCE + LPE | 6.3 | |
Baseband RCE + LPE | 5.98 | |
Up to $1,000,00 | LPE to Kernel | 5.34 |
Wifi RCE + LPE | 4.7 | |
Up to $50,000 | LPE to Root | 4.04 |
RCE via MitM | 3.72 | |
Up to $25,000 | LPE to System | 1.5 |
Up to $15,000 | Information Disclosure | 0.32 |
Year | Nations | Government Functionality | Political Participation | Civil Liberty | Secondary Loss (SL) Score |
---|---|---|---|---|---|
2016 | United States | 7.14 | 8.13 | 8.24 | 7.84 |
United Kingdom | 7.14 | 8.75 | 9.12 | 8.34 | |
Australia | 8.93 | 7.78 | 10.0 | 8.90 | |
2017 | United States | 7.14 | 7.22 | 8.24 | 7.53 |
United Kingdom | 7.50 | 8.33 | 9.12 | 8.32 | |
Australia | 8.93 | 7.78 | 10.0 | 8.90 | |
2018 | United States | 7.14 | 7.78 | 8.24 | 7.72 |
United Kingdom | 7.14 | 8.75 | 9.12 | 8.32 | |
Australia | 8.93 | 7.78 | 10.0 | 8.90 |
© 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Park, M.; Oh, H.; Lee, K. Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective. Sensors 2019, 19, 2148. https://doi.org/10.3390/s19092148
Park M, Oh H, Lee K. Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective. Sensors. 2019; 19(9):2148. https://doi.org/10.3390/s19092148
Chicago/Turabian StylePark, Mookyu, Haengrok Oh, and Kyungho Lee. 2019. "Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective" Sensors 19, no. 9: 2148. https://doi.org/10.3390/s19092148
APA StylePark, M., Oh, H., & Lee, K. (2019). Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective. Sensors, 19(9), 2148. https://doi.org/10.3390/s19092148