This page includes IoT papers for security and privacy that we have recently read and find interesting. If you have any suggestions, please contact us.
Z. Berkay Celik and Xiaolei Wang.
First Depth Study on IoT Security (focusing on SmartThings, and motivating the following IoT research)
- 2016, IEEE S&P, Security Analysis of Emerging Smart Home Applications
- 2016, USENIX Security, FlowFence: Practical Data Protection for Emerging IoT Application Frameworks
- 2018, USENIX Security, Sensitive Information Tracking in Commodity IoT
- 2017, NDSS, ContexIoT: Towards Providing Contextual Integrity to Appified IoT Platforms
- 2017, USENIX Security, SmartAuth: User-Centered Authorization for the Internet of Things
- 2017, Access Control Models, FACT: Functionality-centric Access Control System for IoT Programming Frameworks
- 2018, USENIX Security, Rethinking Access Control and Authentication for the Home Internet of Things (IoT)
- 2018, arXiv, Tyche: Risk-Based Permissions for Smart Home Platforms
- 2018, USENIX ATC, Soteria: Automated IoT Safety and Security Analysis
- 2018, NDSS, Fear and Logging in the Internet of Things
- 2018, arXiv, Peek-a-Boo: I see your smart home activities even encrypted
- 2018, arXiv, Closing the Blinds: Four Strategies for Protecting Smart Home Privacy from Network Observers
- 2017, arXiv, Spying on the Smart Home Privacy Attacks and Defenses on Encrypted IoT Traffic
- 2017, arXiv, Detecting Spies in IoT Systems using Cyber-Physical Correlation
- 2018, arXiv, A Developer-Friendly Library for Smart Home IoT Privacy Preserving Traffic Obfuscation
- 2018, arXIv, Understanding and Mitigating the Security Risks of Voice-Controlled Third-Party Skills on Amazon Alexa and Google Home
- 2018, arXIv, Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding
- 2018, arXIv, CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition
- 2018, arXIv, Nonsense Attacks on Google Assistant
- 2016, CHI, Trigger-Action Programming in the Wild: An Analysis of 200,000 IFTTT Recipes
- 2017, WWW, Some Recipes Can Do More Than Spoil Your Appetite Analyzing the Security and Privacy Risks of IFTTT Recipes
- 2017, arXIv, IFTTT vs. Zapier A Comparative Study of Trigger-Action Programming Frameworks
- 2017, IMC, An Empirical Characterization of IFTTT Ecosystem, Usage, and Performance
- 2018, NDDS, Decentralized Action Integrity for Trigger-Action IoT Platforms
- 2019, IEEE S&P, SoK: Security Evaluation of Home-Based IoT Deployments
- 2018, arXIv, IoT Security: An End-to-End View and Case Study
- 2017, arXIv, A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security
- 2017, arXIv, Understanding IoT Security Through the Data Crystal Ball: Where We Are Now and Where We Are Going to Be
- 2017, IEEE S&P Magazine, Internet of Things Security Research: A Rehash of Old Ideas or New Intellectual Challenges
- 2018, BlackHat, IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
- 2018, arXiv, A Survey on Sensor-based Threats to Internet-of-Things (IoT) Devices and Applications