Towards More Privacy-Preserving and Practical Internet-of-Things Devices
IoT (Internet-of-Things) devices have seen widespread deployment over the past decade. Since they enable home appliances to connect to the Internet, IoT services have made daily life much more convenient. However, on the other hand, they have also made home appliances open to the public on the Internet and thus have introduced vulnerabilities and threats to user privacy that were previously not possible on disconnected devices. Security and privacy incidents of IoT devices are reported every year, and the topic has received considerable attention from both security researchers and IoT manufacturers.This thesis first surveys the background of IoT devices, including what is provided on the market and the feature sets of existing products. We then look at existing studies which discuss the security and privacy threats of IoT systems.The main contribution of this thesis is a privacy-preserving framework for generalized IoT devices. The framework is designed to defend against the vulnerabilities and threats mentioned above. It offers security and privacy while supporting the features offered by modern IoT devices and is suitable for typical home networks. We also propose communication and attacker models in this scenario and assess the framework's security and usability features.Finally, we conduct a case study, which focuses on a specific type of IoT system, namely Internet-enabled video doorbells. We implement a privacy-preserving doorbell system using the proposed design, evaluate its usability and compare it with existing products.
MetadataShow full item record
Showing items related by title, author, creator and subject.