survey

Secure Smart Homes: Opportunities and Challenges

Published: 26 September 2017

Abstract

The Smart Home concept integrates smart applications into daily human life. In recent years, Smart Homes have faced increased security and management challenges due to the low capacity of small sensors, multiple connections to the Internet for efficient applications (use of big data and cloud computing), and the heterogeneity of home systems, which requires inexpert users to configure devices and micro-systems. This article presents current security and management approaches in Smart Homes and shows the good practices imposed on the market for developing secure systems in houses. Finally, we propose future solutions for efficiently and securely managing Smart Homes.



    Published In

    ACM Computing Surveys, Volume 50, Issue 5
    September 2018
    573 pages
    ISSN: 0360-0300
    EISSN: 1557-7341
    DOI: 10.1145/3145473
    Editor: Sartaj Sahni

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 26 September 2017
    Accepted: 01 July 2017
    Revised: 01 May 2017
    Received: 01 June 2016
    Published in CSUR Volume 50, Issue 5


    Author Tags

    1. Smart Home
    2. constrained devices
    3. security
    4. wireless sensor networks

    Qualifiers

    • Survey
    • Research
    • Refereed


    Cited By

    • (2025) Cyber Security in Smart Homes. Computer and Information Security Handbook (1437-1455). DOI: 10.1016/B978-0-443-13223-0.00091-6. Online publication date: 2025
    • (2024) Survey on Vulnerability Testing in the Smart Grid. IEEE Access 12 (119146-119173). DOI: 10.1109/ACCESS.2024.3449642. Online publication date: 2024
    • (2024) (Re)Defining Smart Home Through an HCI Perspective: A Systematic Review of over Two Decades of Smart Home Conceptualization and Research. International Journal of Human–Computer Interaction (1-24). DOI: 10.1080/10447318.2024.2437112. Online publication date: 13-Dec-2024
    • (2024) Decision support for strategic microgrid design integrating governance, business, intelligence, communication, and physical perspectives. Sustainable Cities and Society 113 (105672). DOI: 10.1016/j.scs.2024.105672. Online publication date: Oct-2024
    • (2024) Smart Homes App Vulnerabilities, Threats, and Solutions: A Systematic Literature Review. Journal of Network and Systems Management 32:2. DOI: 10.1007/s10922-024-09803-1. Online publication date: 29-Feb-2024
    • (2024) The Future of Ageing: The Impact of Smart Home Technologies on Ageing in Place. Innovations for Community Services (83-101). DOI: 10.1007/978-3-031-60433-1_6. Online publication date: 31-May-2024
    • (2024) “We Are the Makers of Manners”: A Grounded Approach to Data Ethics for the Built Environment. Privacy Symposium 2023 (49-68). DOI: 10.1007/978-3-031-44939-0_4. Online publication date: 4-Jan-2024
    • (2023) Security and privacy concerns in assisted living environments. Journal of Smart Cities and Society 2:2 (99-121). DOI: 10.3233/SCS-230015. Online publication date: 23-Aug-2023
    • (2023) Increasing Participation of Persons With Intellectual Disabilities With Smart Socio‐Technical Arrangements. Social Inclusion 11:3 (5-14). DOI: 10.17645/si.v11i3.6618. Online publication date: 24-Jul-2023
    • (2023) A Survey of User Perspectives on Security and Privacy in a Home Networking Environment. ACM Computing Surveys 55:9 (1-38). DOI: 10.1145/3558095. Online publication date: 16-Jan-2023