Abstract
Smart Home Systems (SHSs) represent one of the most prevailing Internet of Things (IoT) applications. While IoT-based SHSs can be user-driven or automatically operated, their unauthorized or unexpected operation brings new security and safety concerns that did not exist in legacy homes. This paper provides a review of the state-of-the-art approaches for securing the operation of SHSs. We first present security threats that may lead to unauthorized/unexpected operation of an SHS for both types of operation. Then, we review existing security approaches for each type of operation. Finally, we draw some conclusions and raise open research issues based on this review.
Similar content being viewed by others
Availability of data and materials
Not applicable.
Code availability
Not applicable.
References
Alghayadh F, Debnath D (2020) A hybrid intrusion detection system for smart home security. In: 2020 IEEE international conference on electro information technology (EIT). IEEE, pp 319–323
Alrumayh AS, Lehman SM, Tan CC (2020) Context aware access control for home voice assistant in multi-occupant homes. Pervasive Mob Comput 67:101196
Amraoui N, Besrour A, Ksantini R, Zouari B (2019) Implicit and continuous authentication of smart home users. In: International conference on advanced information networking and applications. Springer, Berlin, pp 1228–1239
Arias-Cabarcos P, Almenarez F, Trapero R, Diaz-Sanchez D, Marin A (2015) Blended identity: pervasive IdM for continuous authentication. IEEE Secur Priv 13(3):32–39
Arif S, Khan MA, Rehman SU, Kabir MA, Imran M (2020) Investigating smart home security: is blockchain the answer? IEEE Access 8:117802–117816
Celik ZB, Fernandes E, Pauley E, Tan G, McDaniel P (2019) Program analysis of commodity IoT applications for security and privacy: challenges and opportunities. ACM Comput Surv (CSUR) 52(4):1–30
Celik ZB, McDaniel P, Tan G (2018) Soteria: automated IoT safety and security analysis. In: 2018 \(\{\)USENIX\(\}\) annual technical conference (\(\{\)USENIX\(\}\)\(\{\)ATC\(\}\) 18), pp 147–158
Celik ZB, Tan G, McDaniel PD (2019) IoTGuard: dynamic enforcement of security and safety policy in commodity IoT. In: NDSS
Chi H, Zeng Q, Du X, Yu J (2020) Cross-app interference threats in smart homes: categorization, detection and handling. In: 2020 50th annual IEEE/IFIP international conference on dependable systems and networks (DSN). IEEE, pp 411–423
Chuck M (2019) Smart home technology hits 69 Technical report, MediaPost, 2019. [Online]. Accessed 06 Oct 2021
Dutta S, Chukkapalli SSL, Sulgekar M, Krithivasan S, Das PK, Joshi A et al (2020) Context sensitive access control in smart home environments. In: 6th IEEE international conference on big data security on cloud (BigDataSecurity 2020)
Gamundani AM, Phillips A, Muyingi HN (2018) An overview of potential authentication threats and attacks on internet of things (IoT): a focus on smart home applications. In: 2018 IEEE international conference on Internet of Things (iThings) and IEEE green computing and communications (GreenCom) and IEEE cyber, physical and social computing (CPSCom) and IEEE smart data (SmartData). IEEE, pp 50–57
Ghosh N, Chandra S, Sachidananda V, Elovici Y (2019) SoftAuthZ: a context-aware, behavior-based authorization framework for home IoT. IEEE Internet Things J 6(6):10773–10785
Gomez C, Chessa S, Fleury A, Roussos G, Preuveneers D (2019) Internet of things for enabling smart environments: a technology-centric perspective. J Ambient Intell Smart Environ 11(1):23–43
Guth J, Breitenbücher U, Falkenthal M, Fremantle P, Kopp O, Leymann F, Reinfurt L (2018) A detailed analysis of IoT platform architectures: concepts, similarities, and differences. In: Internet of everything. Springer, Berlin, pp 81–101
Hakak S, Khan WZ, Gilkar GA, Imran M, Guizani N (2020) Securing smart cities through blockchain technology: architecture, requirements, and challenges. IEEE Netw 34(1):8–14
Han J-H, Jeon YS, Kim JN (2015) Security considerations for secure and trustworthy smart home system in the IoT environment. In: 2015 International conference on information and communication technology convergence (ICTC). IEEE, pp 1116–1118
Jiang H, Cai C, Ma X, Yang Y, Liu J (2018) Smart home based on WiFi sensing: a survey. IEEE Access 6:13317–13325
Kong H, Lu L, Yu J, Chen Y, Tang F (2020) Continuous authentication through finger gesture interaction for smart homes using WiFi. IEEE Trans Mob Comput
Kumari S, Khan MK, Atiquzzaman M (2015) User authentication schemes for wireless sensor networks: a review. Ad Hoc Netw 27:159–194
Kuyucu MK, Bahtiyar Ş, İnce G (2019) Security and privacy in the smart home: a survey of issues and mitigation strategies. In: 2019 4th International conference on computer science and engineering (UBMK). IEEE, pp 113–118
Liang Y, Samtani S, Guo B, Yu Z (2020) Behavioral biometrics for continuous authentication in the internet-of-things era: an artificial intelligence perspective. IEEE Internet Things J 7(9):9128–9143
Martin V, Cao Q, Benson T (2017) Fending off IoT-hunting attacks at home networks. In: Proceedings of the 2nd workshop on cloud-assisted networking, pp 67–72
Miessler D (2015) Securing the internet of things: mapping attack surface areas using the OWASP IoT top 10. In: RSA conference
Nespoli P, Zago M, Celdrán AH, Pérez MG, Mármol FG, García Clemente FJ (2019) PALOT: profiling and authenticating users leveraging internet of things. Sensors 19(12):2832
Omolola O, More S, Fasllija E, Wagner G, Alber L (2019) Policy-based access control for the IoT and smart cities. Open Identity Summit 2019
Ongun T, Oprea A, Nita-Rotaru C, Christodorescu M, Salajegheh N (2018) The house that knows you: user authentication based on IoT data. In: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 2255–2257
Pan Z, Pacheco J, Hariri S, Chen Y, Liu B (2019) Context aware anomaly behavior analysis for smart home systems. Int J Inf Commun Eng 13(5):261–274
Panwar N, Sharma S, Mehrotra S, Krzywiecki Ł, Venkatasubramanian N (2019) Smart home survey on security and privacy. arXiv preprint arXiv:1904.05476
Powell MP, McCarthy JJ, Tang CY, Stouffer KA, Zimmerman TA, Barker WC, Ogunyale T, Wynne DM (2020) Securing manufacturing industrial control systems: behavioral anomaly detection
Rahmati A, Fernandes E, Eykholt K, Prakash A (2018) Tyche: a risk-based permission model for smart homes. In: 2018 IEEE cybersecurity development (SecDev). IEEE, pp 29–36
Rath AT, Colin J-N (2017) Strengthening access control in case of compromised accounts in smart home. In: 2017 IEEE 13th international conference on wireless and mobile computing, networking and communications (WiMob). IEEE, pp 1–8
Ray AK, Bagwari A (2020) IoT based smart home: security aspects and security architecture. In: 2020 IEEE 9th international conference on communication systems and network technologies (CSNT). IEEE, pp 218–222
Sánchez PMS, Valero JMJ, Celdrán AH, Bovet G, Pérez MG, Pérez GM (2020) A survey on device behavior fingerprinting: Data sources, techniques, application scenarios, and datasets. arXiv preprint. arXiv:2008.03343
Sarhan QI (2020) Systematic survey on smart home safety and security systems using the arduino platform. IEEE Access 8:128362–128384
Shah SW, Kanhere SS (2019) Recent trends in user authentication—a survey. IEEE Access 7:112505–112519
Sicato JCS, Singh SK, Rathore S, Park JH (2020) A comprehensive analyses of intrusion detection system for IoT environment. J Inf Process Syst 16(4):975–990
Sikder AK, Petracca G, Aksu H, Jaeger T, Uluagac AS (2021) A survey on sensor-based threats and attacks to smart devices and applications. IEEE Commun Surv Tutor 23(2):1125–1159
Singh MP, Sural S, Atluri V, Vaidya J (2019) Security analysis of unified access control policies. In: International conference on secure knowledge management in artificial intelligence era. Springer, Berlin, pp 126–146
Sivanathan A (2020) IoT behavioral monitoring via network traffic analysis. arXiv preprint. arXiv:2001.10632
Teixeira D, Assunção L, Paiva S (2020) Security of smart home-smartphones systems. In: 2020 15th Iberian conference on information systems and technologies (CISTI). IEEE, pp 1–5
Tian Y, Zhang N, Lin Y-H, Wang XF, Ur B, Guo X, Tague P (2017) Smartauth: user-centered authorization for the internet of things. In: 26th \(\{\)USENIX\(\}\) security symposium (\(\{\)USENIX\(\}\) security 17), pp 361–378
Touqeer H, Zaman S, Amin R, Hussain M, Al-Turjman F, Bilal M (2021) Smart home security: challenges, issues and solutions at different IoT layers. J Supercomput 1–37
ur Rehman S, Gruhn V (2018) An approach to secure smart homes in cyber-physical systems/internet-of-things. In: 2018 Fifth international conference on software defined systems (SDS). IEEE, pp 126–129
Wazid M, Das AK, Odelu V, Kumar N, Conti M, Jo M (2017) Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet Things J 5(1):269–282
Xiao Y, Jia Y, Liu C, Alrawais A, Rekik M, Shan Z (2020) HomeShield: a credential-less authentication framework for smart home systems. IEEE Internet Things J 7(9):7903–7918
Xie S, Zheng Z, Chen W, Wu J, Dai H-N, Imran M (2020) Blockchain for cloud exchange: a survey. Comput Electr Eng 81:106526
Yahyazadeh M, Podder P, Hoque E, Chowdhury O (2019) Expat: expectation-based policy analysis and enforcement for appified smart-home platforms. In: Proceedings of the 24th ACM symposium on access control models and technologies, pp 61–72
Yamauchi M, Ohsita Y, Murata M, Ueda K, Kato Y (2020) Anomaly detection in smart home operation from user behaviors and home conditions. IEEE Trans Consum Electron 66(2):183–192
Yoo SG et al (2018) Security over smart home automation systems: a survey. In: International conference of research applied to defense and security. Springer, Berlin, pp 87–96
Zarpelão BB, Miani RS, Kawakani CT, de Alvarenga SC (2017) A survey of intrusion detection in internet of things. J Netw Comput Appl 84:25–37
Zhang W, Meng Y, Liu Y, Zhang X, Zhang Y, Zhu H (2018) Homonit: monitoring smart home apps from encrypted traffic. In: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 1074–108
Funding
Not applicable.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
Noureddine Amraoui declares that he has no conflict of interest. Belhassen Zouari declares that he has no conflict of interest.
Research involving human participants and/or animals
This article does not contain any studies with human participants or animals performed by any of the authors.
Informed consent
Not applicable.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Amraoui, N., Zouari, B. Securing the operation of Smart Home Systems: a literature review. J Reliable Intell Environ 8, 67–74 (2022). https://doi.org/10.1007/s40860-021-00160-3
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s40860-021-00160-3