In the past, home automation was a small market for technology enthusiasts. Interconnectivity between devices was down to the owner's technical skills and creativity, while security was non-existent or primitive, because cyber threats were also largely non-existent or primitive. This is not the case any more. The adoption of Internet of Things technologies, cloud computing, artificial intelligence and an increasingly wide range of sensing and actuation capabilities has led to smart homes that are more practical, but also genuinely attractive targets for cyber attacks. Here, we classify applicable cyber threats according to a novel taxonomy, focusing not only on the attack vectors that can be used, but also the potential impact on the systems and ultimately on the occupants and their domestic life. Utilising the taxonomy, we classify twenty-five different smart home attacks, providing further examples of legitimate, yet vulnerable smart home configurations which can lead to second-order attack vectors. We then review existing smart home defence mechanisms and discuss open research problems.

Reference Key security properties Vulnerabilities/challenges Security recommended Open problems identified Komninos et al. [1] Confidentiality Connected to Internet Auto-immunity to threats Resilience Physical tampering Reliability, availability Lin et al. [2] Confidentiality Phys./netw. accessibility Gateway architecture Auto-configuration Authentication Constrained resources Updates Access control Heterogeneity Nawir et al. [6] Smart meter integrity Remote connectivity Techn. countermeasures Standardisation Privacy Physical tampering Regulatory initiatives Impact evaluation, metrics Non-repudiation Malicious actuation Intrusion detection Authorisation Logging for audit/forensics Ziegeldorf et al. [5]
The modern Internet of Things (IoT)-based smart home is a challenging environment to secure: devices change, new vulnerabilities are discovered and often remain unpatched, and different users interact with their devices differently and have different cyber risk attitudes. A security breach's impact is not limited to cyberspace, as it can also affect or be facilitated in physical space, for example, via voice. In this environment, intrusion detection cannot rely solely on static models that remain the same over time and are the same for all users. We present MAGPIE, the first smart home intrusion detection system that is able to autonomously adjust the decision function of its underlying anomaly classification models to a smart home's changing conditions (e.g., new devices, new automation rules and user interaction with them). The method achieves this goal by applying a novel probabilistic cluster-based reward mechanism to non-stationary multi-armed bandit reinforcement learning. MAGPIE rewards the sets of hyperparameters of its underlying isolation forest unsupervised anomaly classifiers based on the cluster silhouette scores of their output. Experimental evaluation in a real household shows that MAGPIE exhibits high accuracy because of two further innovations: it takes into account both cyber and physical sources of data; and it detects human presence to utilise models that exhibit the highest accuracy in each case. MAGPIE is available in open-source format, together with its evaluation datasets, so it can benefit from future advances in unsupervised and reinforcement learning and be able to be enriched with further sources of data as smart home environments and attacks evolve.
With the growing threat of cyber and cyber-physical attacks against automobiles, drones, ships, driverless pods and other vehicles, there is also a growing need for intrusion detection approaches that can facilitate defence against such threats. Vehicles tend to have limited processing resources and are energy-constrained. So, any security provision needs to abide by these limitations. At the same time, attacks against vehicles are very rare, often making knowledge-based intrusion detection systems less practical than behaviour-based ones, which is the reverse of what is seen in conventional computing systems. Furthermore, vehicle design and implementation can differ wildly between different types or different manufacturers, which can lead to intrusion detection designs that are vehicle-specific. Equally importantly, vehicles are practically defined by their ability to move, autonomously or not. Movement, as well as other physical manifestations of their operation may allow cyber security breaches to lead to physical damage, but can also be an opportunity for detection. For example, physical sensing can contribute to more accurate or more rapid intrusion detection through observation and analysis of physical manifestations of a security breach. This paper presents a classification and survey of intrusion detection systems designed and evaluated specifically on vehicles and networks of vehicles. Its aim is to help identify existing techniques that can be adopted in the industry, along with their advantages and disadvantages, as well as to identify gaps in the literature, which are attractive and highly meaningful areas of future research.
Mobile cyber-physical systems, such as automobiles, drones and robotic vehicles, are gradually becoming attractive targets for cyber attacks. This is a challenge because intrusion detection systems built for conventional computer systems tend to be unsuitable. They can be too demanding for resource-restricted cyber-physical systems or too inaccurate due to the lack of real-world data on actual attack behaviours. Here, we focus on the security of a small remote-controlled robotic vehicle. Having observed that certain types of cyber attacks against it exhibit physical impact, we have developed an intrusion detection system that takes into account not only cyber input features, such as network traffic and disk data, but also physical input features, such as speed, physical jittering and power consumption. As the system is resource-restricted, we have opted for a decision tree-based approach for generating simple detection rules, which we evaluate against denial of service and command injection attacks. We observe that the addition of physical input features can markedly reduce the false positive rate and increase the overall accuracy of the detection.