Files

thesis_DeKeersmaeker.pdf
  • Open Access
  • Adobe PDF
  • 3.56 MB

Details

Authors
Supervisors
;
Abstract
(en) The Internet of Things (IoT) is entering every layer of our society, including in our homes, by forming the popular Smart Home paradigm. The everyday household objects comprised in those environments are now able to communicate over the network, which enables new capabilities, but can also be a threat to their security, and therefore their safety and privacy. Due to their proximity to the user, their security should be a prime concern, yet is often overlooked for functionality and performance reasons. As most of those devices exhibit bounded communication patterns, an effective protection strategy would be to specify all such allowed patterns in a profile, and deny any which does not comply. This thesis is inscribed in this direction. We first design a format expressing allowed network traffic patterns in the form of a profile, enhancing existing efforts by including support for complex traffic patterns arising from interactions between multiple devices. For our format to be used in practice, we implement a pipeline which produces actual firewall configuration files enforcing the profile. Subsequently, we develop a framework which automatically extracts traffic patterns tied to a Smart Home device action. While existing works only do so superficially, ours is more in-depth, and is able to discover substantially more patterns, including many which do not occur by default but only when some others are blocked. We leverage the latter as a measure of the Smart Home device's robustness, a desirable feature which ensures the correct operation of a home automation installation.
Affiliations

Citations

De Keersmaeker, F. (2026). Profile-based security and in-depth characterization of Smart Home network communications. https://hdl.handle.net/2078.5/276507