Atheer Almogbil, Momo Steele, Sofia Belikovetsky (Johns Hopkins University), Adil Inam (University of Illinois at Urbana-Champaign), Olivia Wu (Johns Hopkins University), Aviel Rubin (Johns Hopkins University), Adam Bates (University of Illinois at Urbana-Champaign)
The rise in the adoption of Internet of Things (IoT) has led to a surge in information generation and collection. Many IoT devices systematically collect sensitive data pertaining to users’ personal lives such as user activity, location, and communication. Prior works have focused on uncovering user privacy and profiling concerns in the context of one or two specific devices and threat models. However, user profiling concerns within a complete smart home ecosystem, under various threat models, have not been explored. In this work, we aim to analyze the privacy and user-profiling concerns in smart home environments under varying levels of threat models. We contribute an analysis of various IoT attacks existing in literature that enable an adversary to access data on IoT devices. Based on this analysis, we identify user behavior based on data accessed by such attacks. Our work reveals the extent to which an adversary can monitor user behavior based on information collected from smart households under varying threat models.