2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS)

Multi-platform Application Interaction Extraction for IoT Devices

Zhao Chen, Fanping Zeng, Tingting Lu, Wenjuan Shu
School of Computer Science and Technology
University of Science and Technology of China
Email: chen95@mail.ustc.edu.cn, billzeng@ustc.edu.cn, {tingtlu, shuwj}@mail.ustc.edu.cn

Abstract—IoT devices used in smart homes have become a fundamental part of modern society. Such devices make our living space more convenient. They enable human interaction with the physical environment, but such interaction also happens between two applications or other third-party rules, and causes some unexpected automation and even safety concerns. What's worse, attackers can leverage stealthy physical interactions to launch attacks against IoT systems or steal user privacy.
In this paper, we propose a tool called IoTIE that discovers any possible physical interactions and extracts all potential interactions across applications and rules in the IoT environment. We present a comprehensive system evaluation on the Samsung SmartThings and IFTTT platforms. We study 187 official SmartThings applications and 98 IFTTT rules, and find they can form 231 hidden inter-app interactions through physical environments. In particular, our experiment reveals that 74 interactions are highly risky and could potentially be exploited to impact the security and safety of the IoT environment.

Index Terms—IoT, multi-platform, application analysis and interaction extraction

I. INTRODUCTION

In recent years, Internet of Things (IoT) platforms and applications have developed rapidly, and smart home applications have entered the lives of a large number of users, making their lives more intelligent, efficient and convenient. For example, water flow sensors and smart meters are used to improve energy efficiency, and motion sensors and door locks connected to the Internet make it easier to control doors. To capture the large-scale smart home market, many IoT platforms have provided convenient device control mechanisms, such as Samsung's SmartThings [1] and Apple's HomeKit [2]. However, the literature has shown that these smart applications are insufficient to protect users' security and privacy [3–5], and often cause users to fall into insecure and unsafe situations. At the same time, interactive interfaces between a device and a third-party Trigger-Action platform are also designed to support user-defined device control rules, but this further exacerbates the security risks of the IoT system.

SmartThings: Current IoT systems generally consist of three main components: (1) a hub and some sensing devices, (2) a closed-source backend platform, and (3) a companion application for controlling home devices.
Apart from these, SmartThings' backend platform further provides an online coding IDE and an application emulation tool. An application, called a SmartApp, can subscribe to device events or system variables to trigger the corresponding actions. The actions can be commands to one or multiple devices, such as turning on the lights, or an action to send a text message or a photo. Due to the coarse-grained capability management policy, there are security issues such as privilege abuse and stealing of device PIN codes on the SmartThings platform [3]. Because smart home applications are not sparsely distributed, they often affect each other and cause security risks. For example, one application turns on a heater in a room, and another one detects smoke and then opens the windows. These two applications create insecure interactions because they share the same environment. Ding et al. designed and implemented IotMon for this problem, but it can only be used for applications of the SmartThings platform [6].

IFTTT: Trigger-Action platforms, including IFTTT [7] and Zapier [8], are mainly used for user-defined control rules. These platforms allow users to customize device control rules, bind them to specific devices and trigger actions of the devices. For example, a rain warning is pushed to a user's mobile device based on a third-party weather service. In addition, when detecting an action, a device may capture a photo and post it to a social website such as Twitter, thereby leaking user privacy, which means these platforms also introduce a long-term security risk [9]. Recently, the number of users of third-party platforms has gradually increased, which means cross-platform application interaction analysis is urgently needed.
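The following sketch is an added illustration, not IoTIE's code and not taken from the paper: it puts SmartApp-style and IFTTT-style rules into one trigger/action form and lists the pairs in which one rule's action can change a physical channel that another rule is triggered by, as in the heater and smoke example above. The `Rule` form, the `EFFECTS` table, the applet dictionary layout and the sample rules are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed table (assumption): physical channels each device command can change.
# "smoke" for the heater follows the heater/smoke example in the text.
EFFECTS = {
    "heater.on": {"temperature", "smoke"},
    "window.open": {"temperature"},
    "light.on": {"illuminance"},
}

@dataclass(frozen=True)
class Rule:
    name: str
    platform: str  # "SmartThings" or "IFTTT"
    trigger: str   # channel or event the rule subscribes to
    action: str    # device command the rule issues

def from_ifttt(name, applet):
    """Normalize a constructed IFTTT-style applet dict into the common Rule form."""
    return Rule(name, "IFTTT", applet["if"]["channel"], applet["then"]["command"])

def extract_interactions(rules):
    """Return (source, channel, target): source's action can fire target's trigger."""
    found = []
    for src in rules:
        for dst in rules:
            if src is dst:
                continue  # a rule re-triggering itself is not an inter-app interaction
            if dst.trigger in EFFECTS.get(src.action, set()):
                found.append((src.name, dst.trigger, dst.name))
    return sorted(found)

def cross_platform(rules, interactions):
    """Keep only interactions whose two ends run on different platforms."""
    platform = {r.name: r.platform for r in rules}
    return [i for i in interactions if platform[i[0]] != platform[i[2]]]

# Constructed sample rules (not from the paper's data set).
RULES = [
    Rule("WarmUp", "SmartThings", "presence", "heater.on"),
    Rule("SmokeVent", "SmartThings", "smoke", "window.open"),
    from_ifttt("CoolDown", {"if": {"channel": "temperature"},
                            "then": {"command": "window.open"}}),
    from_ifttt("NightLight", {"if": {"channel": "motion"},
                              "then": {"command": "light.on"}}),
]

if __name__ == "__main__":
    hits = extract_interactions(RULES)
    for src, channel, dst in hits:
        print(f"{src} --[{channel}]--> {dst}")
    print("cross-platform:", cross_platform(RULES, hits))
```

Neither WarmUp nor SmokeVent names the other, and CoolDown lives on a different platform, so an analysis confined to one platform's rules would miss the two cross-platform pairs.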
Since IoT platforms such as SmartThings support user-defined device control logic, and the rules provided by third-party Trigger-Action platforms can easily control authorized devices, the interactions between applications and rules through the common physical environment are likely to bring more safety concerns. Performing the security analysis was challenging because the SmartThings platform is a closed-source system and the IFTTT rules are not standard. This makes it difficult to implement a unified analysis method that deals with both SmartApps and IFTTT rules. Thus, we propose a unified interaction extraction method for multi-platform IoT applications (rules) that interact through the shared physical environment, and implement an IoT Interaction Extraction (IoTIE) tool. Our main contributions are as follows:

1) We implement a prototype system to extract interactions for multi-platform IoT applications, which converts IFTTT rules into SmartApps and analyzes the interactions they form.
2) We collect 244 rules on the IFTTT platform that can be used to control SmartThings devices, and 187 smartapps

978-1-7281-2583-1/19/$31.00 ©2019 IEEE
DOI 10.1109/ICPADS.2019.00151