Inferring Device Interactions for Attack Path Discovery in Smart Home IoT.

In smart home Internet of Things (IoT) systems, interactions between devices are driven in two ways: automation applications (apps), and the physical channels (e.g., temperature, smoke). Meanwhile, device interactions can be maliciously exploited to launch IoT attacks. However, limited efforts explore whether it is feasible to discover potential exploitable device interactions from IoT deployments. This paper proposes a novel framework to detect interactions among devices (D-interact) from eavesdropped network traffic and device function descriptions, and discover all potential exploitable device interactions (i.t., attack paths). First, we use the packet-level patterns to fingerprint IoT device events and then identify all IoT device events from the eavesdropped traffic. Furthermore, we mine temporal and conditional dependencies of IoT events to infer device interactions introduced by IoT apps. Besides, to identify interactions between devices and physical channels, we use the natural language processing (NLP) technique to analyze device function descriptions. Based on the obtained device interactions, D-interact builds a device interaction graph to discover attack paths. To demonstrate the feasibility of our approach, we implement D-interact in a real-world smart home including 24 devices and 29 apps. The experiment results show that 38 device interactions are identified and 26 device interaction paths could be potentially exploited to impact the safety of the IoT environment.