Dhananjai Bajpai (Marquette University), Keyang Yu (Marquette University)

Internet of Things (IoT) devices have been expanding rapidly and significantly improved the automation and convenience in modern smart homes. Such functionalities are supported by large amount of data collection, analysis and sharing, which may bring privacy threat to the smart home users. It is crucial to identify unauthorized traffic volume data generated by IoT device, to help user better understand the privacy threat to their IoT environment. This paper presents a cost-effective approach to monitoring data-sharing activities of household IoT devices using the Cisco OpenDNS platform. We have analyzed the Internet traffic data generated from four popular devices to identify unauthorized third-party data sharing. We have discovered that such data sharing exists in multiple types of IoT devices installed in the smart home, the Smart TVs are sharing user-specific viewing data with third parties without user’s consent, iPhone exhibits involuntary synchronization, and the IoT Plugs also show no unauthorized connection behavior. This user-specific, deployable pipeline contrasts with prior testbeddependent studies and highlights the need for transparent data governance.

View More Papers

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall...

Shencha Fan (GFW Report), Jackson Sippe (University of Colorado Boulder), Sakamoto San (Shinonome Lab), Jade Sheffey (UMass Amherst), David Fifield (None), Amir Houmansadr (UMass Amherst), Elson Wedwards (None), Eric Wustrow (University of Colorado Boulder)

Read More

EMIRIS: Eavesdropping on Iris Information via Electromagnetic Side Channel

Wenhao Li (Shandong University), Jiahao Wang (Shandong University), Guoming Zhang (Shandong University), Yanni Yang (Shandong University), Riccardo Spolaor (Shandong University), Xiuzhen Cheng (Shandong University), Pengfei Hu (Shandong University)

Read More

Kronos: A Secure and Generic Sharding Blockchain Consensus with...

Yizhong Liu (Beihang University), Andi Liu (Beihang University), Yuan Lu (Institute of Software Chinese Academy of Sciences), Zhuocheng Pan (Beihang University), Yinuo Li (Xi’an Jiaotong University), Jianwei Liu (Beihang University), Song Bian (Beihang University), Mauro Conti (University of Padua)

Read More

Revisiting EM-based Estimation for Locally Differentially Private Protocols

Yutong Ye (Institute of software, Chinese Academy of Sciences & Zhongguancun Laboratory, Beijing, PR.China.), Tianhao Wang (University of Virginia), Min Zhang (Institute of Software, Chinese Academy of Sciences), Dengguo Feng (Institute of Software, Chinese Academy of Sciences)

Read More