Search Icon
Register

Hidden and Lost Control: on Security Design Risks in IoT User-Facing Matter Controller

Haoqiang Wang, Yiwei Fang (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Indiana University Bloomington), Yichen Liu (Indiana University Bloomington), Ze Jin (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Indiana University Bloomington), Emma Delph (Indiana University Bloomington), Xiaojiang Du (Stevens Institute of Technology), Qixu Liu (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences), Luyi Xing (Indiana University Bloomington)

Matter is emerging as an IoT industry–unifying standard, aiming to enhance the interoperability among diverse smart home products, enabling them to work securely and seamlessly together. With many popular IoT vendors increasingly supporting Matter in consumer IoT products, we perform a systematic study to investigate how and whether vendors can integrate Matter securely into IoT systems and how well Matter as a standard supports vendors’ secure integration.

By analyzing Matter development model in the wild, we reveal a new kind of design flaw in user-facing Matter control capabilities and interfaces, called UMCCI flaws, which are exploitable vulnerabilities in the design space and seriously jeopardize necessary control and surveillance capabilities of Matter-enabled devices for IoT users. Therefore we built an automatic tool called UMCCI Checker, enhanced by the large-language model in UI analysis, which enables automatically detecting UMCCI flaws without relying on real IoT devices. Our tool assisted us with studying and performing proof-of-concept attacks on 11 real Matter devices of 8 popular vendors to confirm that the UMCCI flaws are practical and common. We reported UMCCI flaws to related vendors, which have been acknowledged by CSA, Apple, Tuya, Aqara, etc. To help CSA and vendors better understand and avoid security flaws in developing and integrating IoT standards like Matter, we identify two categories of root causes and propose immediate fix recommendations.

Paper
Slides
Video

View More Papers

THEMIS: Regulating Textual Inversion for Personalized Concept Censorship

Yutong Wu (Nanyang Technological University), Jie Zhang (Centre for Frontier AI Research, Agency for Science, Technology and Research (A*STAR), Singapore), Florian Kerschbaum (University of Waterloo), Tianwei Zhang (Nanyang Technological University)

Read More

Security Signals: Making Web Security Posture Measurable at Scale

Michele Spagnuolo (Google), David Dworken (Google), Artur Janc (Google), Santiago Díaz (Google), Lukas Weichselbaum (Google)

Read More

Deanonymizing Device Identities via Side-channel Attacks in Exclusive-use IoTs...

Christopher Ellis (The Ohio State University), Yue Zhang (Drexel University), Mohit Kumar Jangid (The Ohio State University), Shixuan Zhao (The Ohio State University), Zhiqiang Lin (The Ohio State University)

Read More

User Comprehension and Comfort with Eye-Tracking and Hand-Tracking Permissions...

Kaiming Cheng (University of Washington), Mattea Sim (Indiana University), Tadayoshi Kohno (University of Washington), Franziska Roesner (University of Washington)

Read More