HomeSnitch: Behavior Transparency and Control for Smart Home IoT Devices

Abstract

The widespread adoption of smart home IoT devices has led to a broad and heterogeneous market with �awed security designs and privacy concerns. While the quality of IoT device software is unlikely to be �xed soon, there is great potential for a network-based solution that helps protect and inform consumers. Unfortunately, the encrypted and proprietary protocols used by devices limit the value of traditional network-based monitoring techniques. In this paper, we present H���S�����, a building block for enhancing smart home transparency and control by classifying IoT device communication by semantic behavior (e.g., heartbeat, �rmware check, motion detection). H���S����� ignores payload content (which is often encrypted) and instead identi�es behaviors using features of connection-oriented application data unit exchanges, which represent application-layer dialog between clients and servers. We evaluate H���S����� against an independent labeled corpus of IoT device network �ows and correctly detect over 99% of behaviors. We further deployed H���S����� in a home environment and empirically evaluated its ability to correctly classify known behaviors as well as discover new behaviors. Through these e�orts, we demonstrate the utility of network-level services to classify behaviors of and enforce control on smart home devices.