Security Analysis of Emerging Smart Home Applications
Citations
1,236 citations
Cites background from "Security Analysis of Emerging Smart..."
...Researchers have found that IoT devices contain vulnerabilities from the firmware level [18, 19] up to the application level [26, 29, 73, 78]....
[...]
616 citations
Cites methods from "Security Analysis of Emerging Smart..."
...[87] constructed four proof-ofconcept attacks by exploiting two design flaws in SmartThings framework....
[...]
...The SmartThings infrastructure environment applies Kohsuke sandboxing technique [113] and isolates both SmartApps and SmartDevices (Device Handler instances) from each other [87]....
[...]
452 citations
Cites background from "Security Analysis of Emerging Smart..."
...known that IoT devices are by their nature and design easy to infiltrate [7], [8], [9], [10], [11], [12]....
[...]
390 citations
Cites background from "Security Analysis of Emerging Smart..."
...[321] have studied Samsung owned SmartThings programming framework and Samsung’s SmartApps market and claim that 55% of the smart applications in the store are over-privileged....
[...]
...Such report was no surprise given CIA’s resources, but these attacks are not all that difficult given how un-secure the devices are as demonstrated by [321]; who were able to change door lock codes and induce fake alarms among other activities....
[...]
326 citations
References
149 citations
"Security Analysis of Emerging Smart..." refers background or methods in this paper
...Prior research has demonstrated that many mobile apps incorrectly implement the OAuth protocol due to developer misunderstanding, confusing OAuth documentation, and limitations of mobile operating systems that make the OAuth process insecure [10]....
[...]
...[10], we investigated a disassembled binary of the third-party Android app and found that the client ID and client secret, needed to obtain an OAuth token, are embedded inside the app’s bytecode....
[...]
141 citations
"Security Analysis of Emerging Smart..." refers background in this paper
...introduced a set of guidelines on when to use different types of permissions [14]....
[...]
116 citations
"Security Analysis of Emerging Smart..." refers background in this paper
...among others, and found that each system provides a siloed access control system that fails to enable essential use cases such as sharing smart devices with other users like children and temporary workers [29]....
[...]
88 citations
"Security Analysis of Emerging Smart..." refers background in this paper
...introduced User-Driven Access Control where the user is kept in the loop, at the moment an app uses a sensitive resource [24], [25]....
[...]
42 citations
"Security Analysis of Emerging Smart..." refers background in this paper
...caused compact florescent lights to rapidly power cycle, possibly inducing seizures in epileptic users [23]....
[...]