smart living

Data Security and Privacy in the Era of Floating Homes

/ bugejajoseph / Leave a comment
Image source: https://reinaboats.com/reinaboats/reina-mini-t24

Slightly over a year ago, I mentioned Ocean Builders’ innovative living pods and how they are using smart home technologies in their vessels. Now, a new contender, Reina, takes the stage. Reina’s flagship yacht home model, the luxurious Reina Live L44DR, showcases not only lavishness but enhanced comfort and convenience also by incorporating smart home functionalities (smart TV, smart speakers, etc.).

The transition from a fixed abode to a mobile dwelling incites inquiry. Can a floating home offer a higher degree of security and privacy compared to its stationary counterpart? Do the potential challenges of connectivity experienced within the realm of floating homes share similarities with those encountered in the context of connected cars and trucks? Beyond concerns about location privacy, the intricate facets of this discourse warrant scholarly exploration, as the enduring appeal of these aquatic residences persists. This theme was also briefly addressed in one of the recent conferences at which I presented.

Exploring the Frontier of Green Intelligent Homes: My Presentation in Prague

/ bugejajoseph / 1 Comment
Photo by Capricious Wayfarer (Saptarshi) on Pexels.com

As we continue to embrace the benefits of smart technology, the concept of the Green Intelligent Home is an exciting and promising development in the evolution of smart homes. Our paper, which I presented at the IoTBDS conference in Prague last weekend, explores this frontier.

The possibilities of a world where Green Intelligent Homes are the norm are intriguing, as they offer increased automation, personalization, sustainability, and more. Nonetheless, as with any emerging technology, it is important to be aware of potential risks and implications. These range from security and privacy, manipulation of people, a lack of self-sufficiency, and more.    

As the Green Intelligent Home prospect continues to develop, it is essential to stay informed and explore the potential of this technology. In case you are interested in learning more about the Green Intelligent Home or collaborating on related projects, please get in touch.

The Matter Smart Home Standard

/ bugejajoseph / Leave a comment
Photo by John Tekeridis on Pexels.com

Matter is a royalty-free smart home standard that promotes platform and device interoperability. Built on the Internet Protocol, Matter enables communication across smart home devices and ecosystems over a variety of IP-based networking technologies, such as Thread, Wi-Fi, and Ethernet.

The persistent need for an Internet connection experienced by modern IoT devices is likewise addressed by the Matter smart home standard. Indeed, Matter products run locally and do not rely on an Internet connection, although the standard is designed to readily communicate with the cloud.

Security is a fundamental premise of Matter. Matter functional security includes the following five characteristics:

  • Comprehensive – Matter is an open-source framework designed to provide comprehensive security with a layered approach that includes authentication, attestation, message protection and firmware updates, relying solely on its own security features and not on external communication protocols.
  • Strong – Matter implements a variety of security techniques, including a cryptosuite based on AES, SHA-256, and ECC, as well as passcode-based session and certificate-based establishment protocols. It also adopts device attestation and the CSA Distributed Compliance Ledger to guarantee a compliant and interoperable ecosystem.
  • Easy to use – Matter security is a smart device platform designed to make the implementation and use of smart devices much easier for device makers and consumers alike. It comes with open source reference implementations and well-defined security assets, making it a secure and simple solution for customers.
  • Resilient – Matter security is designed to protect, detect, and recover data, utilizing multiple protocols and measures to prevent denial of service attacks and provide resilience even when sleeping devices are involved.
  • Agile – Matter is a crypto-flexible protocol that abstracts cryptographic primitives, enabling the specification to be quickly changed or upgraded in response to new security threats. The modular design also allows for individual protocols to be replaced without completely overhauling the whole system.

Matter is paving the way for a secure and reliable connected home of the future. With its comprehensive security and ability to operate without an Internet connection, Matter is the ideal choice for modern IoT devices. It is revolutionizing the way home devices communicate, providing a safe and secure environment for the connected home of the future.

Read more here: https://csa-iot.org/wp-content/uploads/2022/03/Matter_Security_and_Privacy_WP_March-2022.pdf and https://csa-iot.org/all-solutions/matter/

Keeping Your Smart Home Secure

/ bugejajoseph / Leave a comment

Smart homes are increasingly being subjected to attacks. The motives for this range from pranking users, causing chaos, cyberstalking, and more nefarious purposes. In spite of that, there are various strategies that residents can use to keep their home secure from intruders. In my latest article, I identify and discuss five of these strategies.

Check out the full article (in Swedish) by clicking here.

A full transcript in English is available to any interested reader.

That is a Wrap On Computing 2020

/ bugejajoseph / Leave a comment

As a follow-up to my previous blog post, I can say that it was an honor to participate yesterday and on Thursday at the Computing Conference 2020.  It was very well organized, professionally executed, and fun!

There was a wide range of presenters coming from different research areas covering computing, AI, security, IoT, and much more. It was also cool to have a Mindfulness and Yoga general session at the conference. This was something unique!

Here, is a screenshot of my presentation with feedback received. Also, I got private messages for collaboration work and I truly appreciate those!

My Presentation

My presentation with feedback received.

Once again thanks for the thumbs up and already looking forward to next year’s edition!

Talking about DoS Attacks at the Computing Conference

/ bugejajoseph / Leave a comment

On Friday, 17 July 2020, I will be talking at the Computing Conference 2020. This conference going was going to be held in London but due to the COVID-19 pandemic, it is now going to be held fully online. I am especially excited to listen to the keynote of Vinton G. Cerf. He is widely known as a “father of the Internet”. Cerf is also the vice president and Chief Internet Evangelist for Google.  During the conference, I will be talking about Denial of Service (DoS) attacks and how commercial devices are prone to severe forms of this attack.

DoS is a widely used attack vector by various malicious threat agents from hackers to nation-states. Its consequences range from a nuisance to loss of revenues to even loss of life. Think about for instance the effects of disabling medical devices such as pacemakers, drones and weapon systems, connected alarm systems, and so on. In the case of smart homes, DoS may be the first attack to remove a component from a network to exploit a vulnerability.  In our study, we found devices manufactured by established commercial players prone especially to HTTP GET DoS attacks. This can result in the complete shutdown of the device, possibly remotely, by using a simple exploit with code available over the Internet.

DoS attacks targeting the smart connected home.

Take a look at the conference agenda and have a read of my conference paper. I will be uploading my presentation slides after the conference is held under my Presentations tab.

Feel free to drop me a message or get in touch if you want to know more about this topic or in case you are interested in information security.

Investigating Privacy Threats in Smart Homes

/ bugejajoseph / Leave a comment

On Tuesday, I gave a presentation at PerCom 2020. This was the first time, the conference was held completely online (due to the global pandemic of COVID-19), and speakers were asked to deliver their presentations remotely over Zoom.

In my case, I gave two live presentations in the Work In Progress (WiP) session being chaired by Diane Cook.  During this time, I discussed how smart connected homes can be formally modeled so that privacy threats can be systematically identified and analyzed.  Take a look at my short teaser clip below.

In case you are interested in the accompanying poster for my presentation, you can access it either from my Presentations menu tab or otherwise by clicking here.  Also, I have uploaded the slides for the video which you can access here.

As always, please feel free to contact me in case you want to know more about this paper, and about security and privacy in general. Finally, I want to remind and encourage you to submit to PerCom or its workshops. You can get some high-quality feedback on your work that can help you improve it and more.

Smart home datasets and a realtime Internet-connected home

/ bugejajoseph / 1 Comment
When designing an algorithm or as a means  to justify an approach you have  pursued in your research you need at some point empirical data.  In the case of the IoT, more specifically when it comes to smart homes, there is a lack of open-source datasets available for public access and unfortunately some of them disappear (from the Internet) after being active for a couple of months. My preferred collection of smart home datasets are developed and curated by Washington State University. In particular, I am referring to the  Centre for Advanced Studies in Adaptive Systems (CASAS) smart home project.
 
CASAS  is a multi-disciplinary research project focused on creating an intelligent home environment by using IoT technologies such as sensors and actuators. This same team has developed in its recent research the “smart home in a box”, which is a lightweight smart home design that has been installed in 32 homes to capture the participants interactions.
 
The link to access CASAS datasets is: http://casas.wsu.edu/datasets/. Datasets included consist mainly of ADL activity data of single/two/multi-resident apartments. Some of the datasets are fully annotated with some of them going back to 2007 (and still running) and spanning different countries from Europe to Asia.
 
 Some other useful datasets; highly cited in scholarly publications; that are also featured on CASAS’ website are:
 
In case you are not satisfied with the datasets identified here you can also consider two generic sites, working similar to a search engine, but for datasets. I am referring specifically to: DataHub and Google datasets.
 

An Internet-connected home in the Netherlands.

Now, if you want to take a peek at a cool smart home setup in the Netherlands displaying its captured and processed data in realtime on the Internet take a look at https://www.bwired.nl/index.asp
 
If you need any information about smart homes or related just get in touch 🙂

My talk in Japan

/ bugejajoseph / Leave a comment

On Monday 11th March, I attended IEEE PerCom in Kyoto, Japan.  PerCom is regarded as a top scholarly venue in the areas of pervasive computing and communications. It is my third year participating in this conference. This year, I presented a paper titled: “IoTSM: An End-to-end Security Model for IoT Ecosystems”, in PerLS’19 – Third International Workshop on Pervasive Smart Living Spaces.

My presentation, live demos, and paper awards at the International Conference Center in Kyoto (2019).

In my presentation, I talked about how most of the reviewed security frameworks and maturity models, tend to focus more on securing web applications and services, but have not evolved particularly to cater for the additional complexities and challenges that IoT technologies bring to the table. While most of the security practices remain similar, IoT requires additional checks and balances to implement effective security.  Some reasons for this, is that IoT applications by their nature tend to be Internet-connected, deal with highly personal data, and feature complex interdependencies involving multiple stakeholders and third-party systems.

Reviewing the existing scholarly literature and interviewing various IoT security experts based in Sweden, we especially observe the need for continuous processes rather periodical processes. For instance, when it comes to risk assessment in IoT it is especially preferred if it is “continuous” in order to deal with the highly dynamic nature of IoT systems. Unfortunately, there is a shortage of methodologies for that and most of the related research work is still in its early stages.  Moreover, we note the lack of security awareness common across the industry, e.g., with regards to “threat modelling”, but as well its applications to model data flows, in particular to deal with information privacy.  Finally, we recognise the diversity of IoT security requirements. While for a traditional application, one needs to ensure service, network, and physical security for IoT one might need as well other to consider other requirements, e.g., that of ensuring resilience, data security, cloud security. Likewise, IoT may require to cater for additional threat agent goals. Such goals may not necessarily be related to confidentiality, integrity, and availability.

Take a look at my presentation: IoTSM: An End-to-end Security Model for IoT Ecosystems