skip to main content

Explore Research Products in the NSF-PAR

Title: The Upcycled Home: Removing Barriers to Lightweight Modification of the Home's Everyday Objects
The Internet-of-things (IoT) embeds computing in everyday objects, but has largely focused on new devices while ignoring the home's many existing possessions. We present a field study with 10 American families to understand how these possessions could be included in the smart home through upcycling. We describe three patterns for how families collaborate around home responsibilities; we explore families' mental models of home that may be in tension with existing IoT systems; and we identify ways that families can more easily imagine a smart home that includes their existing possessions. These insights can help us design an upcycled approach to IoT that supports users in reconfiguring objects (and social roles as mediated by objects) in a way that is sensitive to what will be displaced, discarded, or made obsolete. Our findings inform the design of future lightweight systems for the upcycled home.  more » « less
Award ID(s):
1718651
NSF-PAR ID:
10191360
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
Proceedings of the 2020 CHI Conference on Human Factors in Computing
Page Range / eLocation ID:
1 to 13
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ( , Fourth International Conference on Fog and Mobile Edge Computing (FMEC))
    Typical Internet of Things (IoT) and smart home environments are composed of smart devices that are controlled and orchestrated by applications developed and run in the cloud. Correctness is important for these applications, since they control the home's physical security (i.e. door locks) and systems (i.e. HVAC). Unfortunately, many smart home applications and systems exhibit poor security characteristics and insufficient system support. Instead they force application developers to reason about a combination of complicated scenarios-asynchronous events and distributed devices. This paper demonstrates that existing cloud-based smart home platforms provide insufficient support for applications to correctly deal with concurrency and data consistency issues. These weaknesses expose platform vulnerabilities that affect system correctness and security (e.g. a smart lock erroneously unlocked). To address this, we present OKAPI, an application-level API that provides strict atomicity and event ordering. We evaluate our work using the Samsung SmartThings smart home devices, hub, and cloud infrastructure. In addition to identifying shortfalls of cloud-based smart home platforms, we propose design guidelines to make application developers oblivious of smart home platforms' consistency and concurrency intricacies. 
    more » « less
  2. ; ; ; ; ; ( , 8th ACM/IEEE Conference on Internet of Things Design and Implementation)
    In recent years, Internet of Things (IoT) devices have been extensively deployed in edge networks, including smart homes and offices. Despite the exciting opportunities afforded by the advancements in the IoT, it also introduces new attack vectors and vulnerabilities in the system. Existing studies have shown that the attack graph is an effective model for performing system-level analysis of IoT security. In this paper, we study IoT system vulnerability analysis and network hardening. We first extend the concept of attack graph to weighted attack graph and design a novel algorithm for computing a shortest attack trace in a weighted attack graph. We then formulate the network hardening problem. We prove that this problem is NP-hard, and then design an exact algorithm and a heuristic algorithm to solve it. Extensive experiments on 9 synthetic IoT systems and 2 real-world smart home IoT testbeds demonstrate that our shortest attack trace algorithm is robust and fast, and our heuristic network hardening algorithm is efficient in producing near optimal results compared to the exact algorithm. 
    more » « less
  3. ; ; ( , ACM Conference on Data and Application Security and Privacy)
    The number of smart home IoT (Internet of Things) devices has been growing fast in recent years. Along with the great benefits brought by smart home devices, new threats have appeared. One major threat to smart home users is the compromise of their privacy by traffic analysis (TA) attacks. Researchers have shown that TA attacks can be performed successfully on either plain or encrypted traffic to identify smart home devices and infer user activities. Tunneling traffic is a very strong countermeasure to existing TA attacks. However, in this work, we design a Signature based Tunneled Traffic Analysis (STTA) attack that can be effective even on tunneled traffic. Using a popular smart home traffic dataset, we demonstrate that our attack can achieve an 83% accuracy on identifying 14 smart home devices. We further design a simple defense mechanism based on adding uniform random noise to effectively protect against our TA attack without introducing too much overhead. We prove that our defense mechanism achieves approximate differential privacy. 
    more » « less
  4. ; ; ; ; ; ( , ACM/IEEE Symposium on Edge Computing)
    Smart home IoT devices are becoming increasingly popular. Modern programmable smart home hubs such as SmartThings enable homeowners to manage devices in sophisticated ways to save energy, improve security, and provide conveniences. Unfortunately, many smart home systems contain vulnerabilities, potentially impacting home security and privacy. This paper presents Vigilia, a system that shrinks the attack surface of smart home IoT systems by restricting the network access of devices. As existing smart home systems are closed, we have created an open implementation of a similar programming and configuration model in Vigilia and extended the execution environment to maximally restrict communications by instantiating device-based network permissions. We have implemented and compared Vigilia with forefront IoT-defense systems; our results demonstrate that Vigilia outperforms these systems and incurs negligible overhead. 
    more » « less
  5. ; ; ; ( , IEEE INFOCOM2022)
    Recent advances in cyber-physical systems, artificial intelligence, and cloud computing have driven the wide deployments of Internet-of-things (IoT) in smart homes. As IoT devices often directly interact with the users and environments, this paper studies if and how we could explore the collective insights from multiple heterogeneous IoT devices to infer user activities for home safety monitoring and assisted living. Specifically, we develop a new system, namely IoTMosaic, to first profile diverse user activities with distinct IoT device event sequences, which are extracted from smart home network traffic based on their TCP/IP data packet signatures. Given the challenges of missing and out-of-order IoT device events due to device malfunctions or varying network and system latencies, IoTMosaic further develops simple yet effective approximate matching algorithms to identify user activities from real-world IoT network traffic. Our experimental results on thousands of user activities in the smart home environment over two months show that our proposed algorithms can infer different user activities from IoT network traffic in smart homes with the overall accuracy, precision, and recall of 0.99, 0.99, and 1.00, respectively. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email