2021 ITU Kaleidoscope Academic Conference




           The previous section mainly proposed more comprehensive   [7]  Wamsley, L.  2018. Amazon Echo recorded and  sent
           and detailed security controls for different types of security   couple’s conversation: All  without their  knowledge.
           threats from  different entities in IoT-domotics. Next, the   NPR, May 25. Accessed March 21, 2020.
           control scheme will be analyzed  and as  proposed in this
           paper  implemented by  some of  the  researchers to   [8]  Otávio de PaulaAlbuquerque, Marcelo Fantinato, et al.
           demonstrate the  advantages  and disadvantages  of some   Privacy in smart toys: Risks and proposed solutions.
           existing control schemes,  as in  Table 3.  Among them,   Electronic Commerce  Research and Applications.
           Fernandes  [12]  and Tian  [13] each  proposed fine-grained   Volume 39, January–February 2020.
           platform access control schemes. Jia  [14] designed  a new
           pairing protocol to enhance the confidentiality and integrity   [9]  Fernandes  E, Jung  J, Prakash  A.  Security analysis of
           of  the protocol.  Trimananda  [15]  and Apthorpe  [16]  each   emerging smart  home applications[]//Proc of IEEE
           proposed  traffic feature  hiding technology schemes. The   Symp on Security and Privacy. Piscataway, NJ: IEEE,
           firmware security scheme is also presented in the paper [17]   2016: 636-654.
           [18].
                                                              [10] D. J. Wu, A. Taly, A. Shankar, and D. Boneh. Privacy,
                              6.  CONCLUSION                      discovery, and authentication for the Internet of Things.
                                                                  In Proceedings  of the European Symposium  on
           IoT-domotics, as an important carrier connecting virtual and   Research in Computer Security (ESORICS), pages 301–
           reality,  breaks the constraints of space and creates a   319, 2016.
           convenient and comfortable lifestyle for users. However, due
           to the various types of applications, large-scale equipment,   [11] ISO/IEC 29100:2011 Information technology- Security
           complex interaction  processes,  and  diverse application   techniques - Privacy framework. ISO,2011.
           environments, IoT systems inevitably face various security
           threats  during the development process.  Comprehensive   [12] Fernandes  E, Rahmati  A, Jung  J, et al.  Decentralized
           control of security and privacy risks is an important part of   Action  Integrity  for  Trigger-Action  IoT  Platforms
           supporting the long-term development of IoT-domotics.   [//Network and Distributed  Systems Security  (NDSS)
                                                                  Symposium. 2018.in
           In the  future, with the continuous integration of  IoT-
           domotics  with  blockchain, edge computing, 5G and  other   [13] Tian  Y, Zhang  N, Lin  Y-H, et al.  SmartAuth: User-
           technologies, related security research will also continue to   Centered  Authorization  for  the  Internet  of
           expand and become an important pillar of the development   Things[C]//USENIX Security Symposium. 2017.
           of IoT-domotics.
                                                              [14]  Jia  Y, Xing  L, Mao  Y,  et al.  Burglars’  iot paradise:
                            REFERENCES                            Understanding and mitigating security risks of general
                                                                  messaging  protocols  on iot clouds[C]//2020  IEEE
           [1]  ISO/IEC TR 22417:2017  Information  technology  -   Symposium on Security and Privacy (SP). 2020.
               Internet of things (IoT)-IoT use cases. ISO, 2017.
                                                              [15] Trimananda  R, Varmarken  J, Markopoulou  A, et al.
           [2]  Chang, V., Chundury, P., Chetty, M.: “Spiders in the   Packet-Level  Signatures  for  Smart  Home
               sky”: user perceptions of drones, privacy, and security.   Devices[C]//Network and Distributed Systems Security
               In: Chi 2017 (2017).                               (NDSS) Symposium. 2020.

           [3]  Zeng, E.,  Mare, S., Roesner, F.: End  user  security  &   [16] Apthorpe N, Huang D Y, Reisman D, et al. Keeping the
               privacy concerns with smart homes. In: Symposium on   Smart Home Private  with Smart  (er)  IoT Traffic
               Usable Privacy and Security (SOUPS) (2017).        Shaping[C]//Proceedings  on  Privacy  Enhancing
                                                                  Technologies. 2019:128-148.
           [4]  Hill, K.: How a creep hacked a baby monitor to say lewd
               things to a 2-year-old. Forbes.com (2013).     [17] Zhou  J, Du  Y, Shen  Z, et al.  Silhouette: Efficient
                                                                  protected  shadow    stacks   for   embedded
           [5]  G. Ho, D. Leung, P. Mishra, A. Hosseini, and D. Song.   systems[C]//USENIX Security Symposium. 2020.
               Smart locks: Lessons for securing commodity Internet
               of  Things  devices.  In  Proceedings  of  the  ACM   [18] Almakhdhub  N S, Clements  A A, Baghchi  S, et al.
               Conference on Computer and Communications Security   μRAI:Securing  Embedded  Systems  with  Return
               (CCS), 2016.                                       Address Integrity[C]//Network and Distributed Systems
                                                                  Security (NDSS) Symposium. 2020.
           [6]  Chung, H., J. Park, and S. Lee. 2017. Digital forensic
               approaches  for Amazon  Alexa  ecosystem.  Digital
               Investigation 22:S15–S25. 2017.









                                                           – 82 –