SmartPatch: Verifying the Authenticity of the Trigger-Event in the IoT Platform

Emerging IoT clouds are playing a more important role in modern lives, enabling users/developers to program applications to make better use of smart devices. However, preliminary research has shown IoT cloud vulnerabilities could expose IoT users to security risks. To better understand the problem, we studied the SmartThings cloud, one of the most popular IoT cloud platforms that support user-defined device automation (SmartApps). Specifically, we found new vulnerabilities in SmartThings that allow attackers to fake events to trigger the SmartApps to operate devices (e.g., open a lock). Exploiting such vulnerabilities, we successfully faked 7 different types of events, which impact 138 (out of 187) SmartThings' official open-sourced SmartApps. To defeat such attacks, we propose an authenticity-verification-based scheme to deny fake events. Moreover, we designed a tool, SmartPatch, to help users secure their SmartThings systems. In specific, SmartPatch automatically patches the vulnerable SmartApps and Device Handlers (input) and outputs the flawless programs, which are ready for users to deploy in their SmartThings systems. We have made SmartPatch publicly available. With the help of SmartPatch, we patched all the vulnerable SmartThings' official open-sourced programs (146 SmartApps and 321 Device Handlers). Experiments have shown the compatibility, effectiveness, and efficiency of our proposed approach.