Dhananjai Bajpai (Marquette University), Keyang Yu (Marquette University)

Internet of Things (IoT) devices have been expanding rapidly and significantly improved the automation and convenience in modern smart homes. Such functionalities are supported by large amount of data collection, analysis and sharing, which may bring privacy threat to the smart home users. It is crucial to identify unauthorized traffic volume data generated by IoT device, to help user better understand the privacy threat to their IoT environment. This paper presents a cost-effective approach to monitoring data-sharing activities of household IoT devices using the Cisco OpenDNS platform. We have analyzed the Internet traffic data generated from four popular devices to identify unauthorized third-party data sharing. We have discovered that such data sharing exists in multiple types of IoT devices installed in the smart home, the Smart TVs are sharing user-specific viewing data with third parties without user’s consent, iPhone exhibits involuntary synchronization, and the IoT Plugs also show no unauthorized connection behavior. This user-specific, deployable pipeline contrasts with prior testbeddependent studies and highlights the need for transparent data governance.

View More Papers

Hidden and Lost Control: on Security Design Risks in...

Haoqiang Wang, Yiwei Fang (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Indiana University Bloomington), Yichen Liu (Indiana University Bloomington), Ze Jin (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Indiana University Bloomington), Emma Delph…

Read More

VeriBin: Adaptive Verification of Patches at the Binary Level

Hongwei Wu (Purdue University), Jianliang Wu (Simon Fraser University), Ruoyu Wu (Purdue University), Ayushi Sharma (Purdue University), Aravind Machiry (Purdue University), Antonio Bianchi (Purdue University)

Read More

LeoCommon – A Ground Station Observatory Network for LEO...

Eric Jedermann, Martin Böh (University of Kaiserslautern), Martin Strohmeier (armasuisse Science & Technology), Vincent Lenders (Cyber-Defence Campus, armasuisse Science & Technology), Jens Schmitt (University of Kaiserslautern)

Read More

MingledPie: A Cluster Mingling Approach for Mitigating Preference Profiling...

Cheng Zhang (Hunan University), Yang Xu (Hunan University), Jianghao Tan (Hunan University), Jiajie An (Hunan University), Wenqiang Jin (Hunan University)

Read More