Haoqiang Wang (Chinese Academy of Sciences, University of Chinese Academy of Sciences, Indiana University Bloomington), Yichen Liu (Indiana University Bloomington), Yiwei Fang, Ze Jin, Qixu Liu (Chinese Academy of Sciences, University of Chinese Academy of Sciences, Indiana University Bloomington), Luyi Xing (Indiana University Bloomington)

The Matter protocol is a new communication standard for smart home devices, aiming to enhance interoperability and compatibility among different vendors. However, vendors may encounter unanticipated security issues during development and deployment phases centered around the Matter protocol. In this paper, we focus on examining vulnerabilities within Apple Home framework when implementing the Matter protocol, identifying several attack scenarios that can exploit these vulnerabilities to perform unauthorized actions and conceal their identities. We also compare the design of Apple Home with Google Home, highlighting the differences and implications for security. We reported these vulnerabilities to related vendors, which have been acknowledged by Connectivity Standards Alliance (CSA). Our work reveals the challenges and risks associated with adopting the Matter protocol, and provides suggestions for improving its security design and implementation.

View More Papers

DEMASQ: Unmasking the ChatGPT Wordsmith

Kavita Kumari (Technical University of Darmstadt, Germany), Alessandro Pegoraro (Technical University of Darmstadt), Hossein Fereidooni (Technische Universität Darmstadt), Ahmad-Reza Sadeghi (Technical University of Darmstadt)

Read More

Maginot Line: Assessing a New Cross-app Threat to PII-as-Factor...

Fannv He (National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, China), Yan Jia (DISSec, College of Cyber Science, Nankai University, China), Jiayu Zhao (National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, China), Yue Fang (National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, China),…

Read More

Vision: “AccessFormer”: Feedback-Driven Access Control Policy

Sakuna Harinda Jayasundara, Nalin Asanka Gamagedara Arachchilage, Giovanni Russello (University of Auckland)

Read More

Parrot-Trained Adversarial Examples: Pushing the Practicality of Black-Box Audio...

Rui Duan (University of South Florida), Zhe Qu (Central South University), Leah Ding (American University), Yao Liu (University of South Florida), Zhuo Lu (University of South Florida)

Read More