Short: Smart-Phones Attacking Smart-Homes

Vijay Sivaraman, Dominic Chan, Dylan Earl, Roksana Boreli

The explosion in Internet-connected household devices, such as light-bulbs, smoke-alarms, power-switches, and webcams, is creating new vectors for attacking “smart-homes” at an unprecedented scale. Common perception is that smart-home IoT devices are protected from Internet attacks by the perimeter security offered by home routers. In this paper we demonstrate how an attacker can infiltrate the home network via a doctored smart-phone app. Unbeknownst to the user, this app scouts for vulnerable IoT devices within the home, reports them to an external entity, and modifies the firewall to allow the external entity to directly attack the IoT device. The ability to infiltrate smart-homes via doctored smart-phone apps demonstrates that home routers are poor protection against Internet attacks and highlights the need for increased security for IoT devices.

This short paper challenges the assumption that IoT devices within a home are protected from external attackers by NAT and/or firewalls. To do so, the authors create a proof-of-concept iOS application that discovers IoT devices and uses Universal Plug-n-Play to reconfigure routers to enable external access. The paper describes how this functionality could be bundled along with an otherwise benign iOS application. While the reviewers had concerns over the technical novelty of the described attacks, they felt that the message was important for the community and was therefore a sufficient contribution for a short paper.
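A defender-side check for the router reconfiguration described above, as an added example that is not code from the paper: it audits captured UPnP `AddPortMapping` requests and flags any mapping whose internal target is a different host from the one that requested it. The capture format, the addresses and the "requester must equal target" heuristic are assumptions made for this illustration.

```python
import xml.etree.ElementTree as ET

SOAP_NS = "{http://schemas.xmlsoap.org/soap/envelope/}"

def parse_add_port_mapping(body):
    """Return the arguments of an AddPortMapping call, or None for other actions."""
    root = ET.fromstring(body)  # for untrusted captures, parse with defusedxml instead
    soap_body = root.find(SOAP_NS + "Body")
    if soap_body is None or len(soap_body) == 0:
        return None
    action = soap_body[0]
    if action.tag.rsplit("}", 1)[-1] != "AddPortMapping":
        return None
    return {child.tag: (child.text or "").strip() for child in action}

def audit(requests):
    """Flag mappings whose internal target is not the host that asked for them."""
    findings = []
    for requester_ip, body in requests:
        args = parse_add_port_mapping(body)
        if args is None or args.get("NewEnabled") == "0":
            continue
        target = args.get("NewInternalClient", "")
        if target != requester_ip:
            findings.append((requester_ip, target, args.get("NewProtocol"),
                             int(args["NewExternalPort"]), int(args["NewInternalPort"])))
    return findings

def _sample(client, ext_port, int_port):
    # Constructed request body, abridged to the arguments the audit reads.
    return ('<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>'
            '<u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">'
            f'<NewExternalPort>{ext_port}</NewExternalPort><NewProtocol>TCP</NewProtocol>'
            f'<NewInternalPort>{int_port}</NewInternalPort>'
            f'<NewInternalClient>{client}</NewInternalClient><NewEnabled>1</NewEnabled>'
            '</u:AddPortMapping></s:Body></s:Envelope>')

# Constructed capture: (source IP of the request, SOAP body). Addresses are made up.
SAMPLE = [
    ("192.168.1.20", _sample("192.168.1.20", 51413, 51413)),  # host maps a port to itself
    ("192.168.1.23", _sample("192.168.1.50", 8080, 80)),      # host exposes a different device
]

if __name__ == "__main__":
    for src, dst, proto, ext, internal in audit(SAMPLE):
        print(f"{src} opened {proto}/{ext} -> {dst}:{internal}")
```

On routers running miniupnpd, the `secure_mode` option enforces the same rule at the source by allowing a client to add mappings only to its own IP address.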