TY - GEN
T1 - SecWIR
T2 - 18th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys 2020
AU - Lei, Xinyu
AU - Tu, Guan Hua
AU - Li, Chi-Yu
AU - Xie, Tian
AU - Zhang, Mi
N1 - Publisher Copyright:
© 2020 ACM.
Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.
PY - 2020/6/15
Y1 - 2020/6/15
N2 - Smart home Wi-Fi IoT devices are prevalent nowadays and potentially bring significant improvements to daily life. However, they pose an attractive target for adversaries seeking to launch attacks. Since the secure IoT communications are the foundation of secure IoT devices, this study commences by examining the extent to which mainstream security protocols are supported by 40 of the best selling Wi-Fi smart home IoT devices on the Amazon platform. It is shown that 29 of these devices have either no security protocols deployed, or have problematic security protocol implementations. Seemingly, these vulnerabilities can be easily fixed by installing security patches. However, many IoT devices lack the requisite software/hardware resources to do so. To address this problem, the present study proposes a SecWIR (Secure Wi-Fi IoT communication Router) framework designed for implementation on top of the users' existing home Wi-Fi routers to provide IoT devices with a secure IoT communication capability. However, it is way challenging for SecWIR to function effectively on all home Wi-Fi routers since some routers are resource-constrained. Thus, several novel techniques for resolving this implementation issue are additionally proposed. The experimental results show that SecWIR performs well on a variety of commercial off-the-shelf (COTS) Wi-Fi routers at the expense of only a small reduction in the non-IoT data service throughput (less than 8%), and small increases in the CPU usage (4.5%∼7%), RAM usage (1.9 MB∼2.2 MB), and the IoT device access delay (24 ms∼154 ms) while securing 250 IoT devices.
AB - Smart home Wi-Fi IoT devices are prevalent nowadays and potentially bring significant improvements to daily life. However, they pose an attractive target for adversaries seeking to launch attacks. Since the secure IoT communications are the foundation of secure IoT devices, this study commences by examining the extent to which mainstream security protocols are supported by 40 of the best selling Wi-Fi smart home IoT devices on the Amazon platform. It is shown that 29 of these devices have either no security protocols deployed, or have problematic security protocol implementations. Seemingly, these vulnerabilities can be easily fixed by installing security patches. However, many IoT devices lack the requisite software/hardware resources to do so. To address this problem, the present study proposes a SecWIR (Secure Wi-Fi IoT communication Router) framework designed for implementation on top of the users' existing home Wi-Fi routers to provide IoT devices with a secure IoT communication capability. However, it is way challenging for SecWIR to function effectively on all home Wi-Fi routers since some routers are resource-constrained. Thus, several novel techniques for resolving this implementation issue are additionally proposed. The experimental results show that SecWIR performs well on a variety of commercial off-the-shelf (COTS) Wi-Fi routers at the expense of only a small reduction in the non-IoT data service throughput (less than 8%), and small increases in the CPU usage (4.5%∼7%), RAM usage (1.9 MB∼2.2 MB), and the IoT device access delay (24 ms∼154 ms) while securing 250 IoT devices.
KW - IoT
KW - Security
KW - Smart home
KW - Wi-fi
UR - http://www.scopus.com/inward/record.url?scp=85088145986&partnerID=8YFLogxK
U2 - 10.1145/3386901.3388941
DO - 10.1145/3386901.3388941
M3 - Conference contribution
AN - SCOPUS:85088145986
T3 - MobiSys 2020 - Proceedings of the 18th International Conference on Mobile Systems, Applications, and Services
SP - 260
EP - 272
BT - MobiSys 2020 - Proceedings of the 18th International Conference on Mobile Systems, Applications, and Services
PB - Association for Computing Machinery, Inc
Y2 - 15 June 2020 through 19 June 2020
ER -