Privacy Leakage in Smart Homes and Its Mitigation: IFTTT as a Case Study
The combination of smart home platforms and automation apps introduces much convenience to smart home users. However, this also brings the potential for privacy leakage. If a smart home platform is permitted to collect all the events of a user day and night, then the platform will learn the behavior pattern of this user before long. In this paper, we investigate, how IFTTT, one of the most popular smart home platforms, has the capability of monitoring the daily life of a user in a variety of ways that are hardly noticeable. Moreover, we propose multiple ideas for mitigating the privacy leakage, which altogether forms a Filter-and-Fuzz (FF) process: first, it filters out events unneeded by the IFTTT platform; then, it fuzzes the values and frequencies of the remaining events. We evaluate the FF process, and the result shows that the proposed solution makes IFTTT not able to recognize any behavior patterns of the users.
READ FULL TEXT