SpyCon: Adaptation based spyware in human-in-the-loop IoT

12Citations
Citations of this article
18Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Personalized IoT adapt their behavior based on contextual information, such as user behavior and location. Unfortunately, the fact that personalized IoT adapt to user context opens a side-channel that leaks private information about the user. To that end, we start by studying the extent to which a malicious eavesdropper can monitor the actions taken by an IoT system and extract user's private information. In particular, we show two concrete instantiations (in the context of mobile phones and smart homes) of a new category of spyware which we refer to as Context-Aware Adaptation Based Spyware (SpyCon). Experimental evaluations show that the developed SpyCon can predict users' daily behavior with an accuracy of 90.3%. Being a new spyware with no known prior signature or behavior, traditional spyware detection that is based on code signature or system behavior are not adequate to detect SpyCon. We discuss possible detection and mitigation mechanisms that can hinder the effect of SpyCon.

Author supplied keywords

Cite

CITATION STYLE

APA

Elmalaki, S., Ho, B. J., Alzantot, M., Shoukry, Y., & Srivastava, M. (2019). SpyCon: Adaptation based spyware in human-in-the-loop IoT. In Proceedings - 2019 IEEE Symposium on Security and Privacy Workshops, SPW 2019 (pp. 163–168). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/SPW.2019.00039

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free