we directly use the 1I environment channels and the newly discovered two channels.And then we calculate the similarity of the application name,description,annotations and enviro- 20 ments by using the Count Vectorizer provided in sklearn [12]. 150 100 C.Interaction generation between applications and rules 50 Use the above extracted intra-interaction and the relations SmartApps Apps Rules between capabilities and the environments,we can extract the Intraactionsalnteractio interactions formed by applications and rules.We use a trigger- Fig.3.Amount of Different Dataset's Interaction Dependency. action tuple to represent a intra-interaction,where trigger is composed of capability and corresponding trigger conditions, or rules can form insecure interactions.We will continue to and action is composed of capability and corresponding com- study in this direction and hope to implement it. mands.The algorithm is shown in Algorithm 1.The algorithm Strategy II:Let application developers pay more attention first reads all the intra-interactions and the ralations between to this kind of problem.In the development process,try to the capabilities and the environments,and then compares combine the conditions of multiple sensor data and events whether the two applications can form interactions in the same to enhance the trigger conditions of the commands.What's environment,and finally outputs the generated interactions more,we can do this by code instrumentation,and it is also between two applications or rules.For the system channels, compatible with older versions of the applications. we treat it like literature [61. IV.EXPERIMENTAL EVALUATION Algorithm 1 Algorithm for Extracting Interactions cross A.Setup mutil-Apps and Rules We obtain all 187 applications in the Samsung SmartThings Input:intraactions_app:intraactions_rule:capabilityChan- platform,14 of which are unable to analyze because of dy- nelMap Output:interactions namic pages;48 SmartApps are services for external services, there is no to-be-searched interaction defined in this paper,and 1:for each l in intraactions_app do 5 applications are about voice.The remaining 120 applications 2: for each r in intraactions rule do can be successfully analyzed.We collect all the 244 rules for 3: if ==r then the SmartThings applications from the IFTTT platform,and 4 continue choose 98 rules with keyword "when",but some of the rules 5: end if that are not supportted by SmartThings platform and some 6: ICapa =l.acCapa rules'semantic are the same,so finally the number of rules 7: rCapa r.triCapa that are successfully converted into SmartApp is 41. 8: channelsL+capabilityChannelMaplCapa We conduct our experiments on a machine with Intel Core 9 channelsRcapabilityChannelMap(rCapal i5-4210M 2.60GHz CPU,16.0GB RAM and Ubuntu 1604 10: chs channelsLn channelsR operating system. 11 if chs!=0 and ICapa ==rCapa then 12: for each channel in chs do B.Experimental Result 13: interaction.s←[，channel,,t] To better assess our tools,we conducted experimental 14: end for analysis from three perspectives. 15 end if 16: end for RQ 1:How effective is IoTIE in extracting interactions 17:end for cross multi-platforms? RQ 2:After risk analysis of the interactions,what prob- lems do we find? RO 3:Compared with other tools.what are our D.Interaction analysis and risk mitigation strengths? We categories the discovered interactions by tagging higher- RQ 1:The Effectiveness to find the interactions.We risk commands,devices,and capabilities (such as opening conducted four groups of experiments.The datasets contains windows,turning on heaters,and sending photos)to identify 120 SmartApps,41 rules and mixed together respectively.The risky interactions.These high-risk interactions not only create last group is that the two sides of an interaction are formed undesired automation,but also bring security and safety issues. by SmartApps and rules. Finally,based on these high-risk interactions.two strategies for The results are shown in Figure 3.177 interactions were risk mitigation are proposed. formed by 120 SmartApps;4 interactions were formed by Strategy I:Implementing the IoTIE on the indoor hub. 41 rules;There are 231 interactions in the dataset of 120 When a new application is installed,it can detect whether SmartApps and 41 rules.It can be seen that when rules are the installed applications and the to-be-installed applications added,there are more interactions that users do not expect 993we directly use the 11 environment channels and the newly discovered two channels. And then we calculate the similarity of the application name, description, annotations and enviro￾ments by using the CountVectorizer provided in sklearn [12]. C. Interaction generation between applications and rules Use the above extracted intra-interaction and the relations between capabilities and the environments, we can extract the interactions formed by applications and rules. We use a trigger￾action tuple to represent a intra-interaction, where trigger is composed of capability and corresponding trigger conditions, and action is composed of capability and corresponding com￾mands. The algorithm is shown in Algorithm 1. The algorithm first reads all the intra-interactions and the ralations between the capabilities and the environments, and then compares whether the two applications can form interactions in the same environment, and finally outputs the generated interactions between two applications or rules. For the system channels, we treat it like literature [6]. Algorithm 1 Algorithm for Extracting Interactions cross mutil-Apps and Rules Input: intraactions app; intraactions rule; capabilityChan￾nelMap Output: interactions 1: for each l in intraactions app do 2: for each r in intraactions rule do 3: if l == r then 4: continue 5: end if 6: lCapa = l.acCapa 7: rCapa = r.triCapa 8: channelsL ← capabilityChannelM ap[lCapa] 9: channelsR ← capabilityChannelM ap[rCapa] 10: chs ← channelsL ∩ channelsR 11: if chs! = ∅ and lCapa == rCapa then 12: for each channel in chs do 13: interactions ← [l, channel, r] 14: end for 15: end if 16: end for 17: end for D. Interaction analysis and risk mitigation We categories the discovered interactions by tagging higher￾risk commands, devices, and capabilities (such as opening windows, turning on heaters, and sending photos) to identify risky interactions. These high-risk interactions not only create undesired automation, but also bring security and safety issues. Finally, based on these high-risk interactions, two strategies for risk mitigation are proposed. Strategy I: Implementing the IoTIE on the indoor hub. When a new application is installed, it can detect whether the installed applications and the to-be-installed applications 濃 濈濃 濄濃濃 濄濈濃 濅濃濃 濅濈濃 濦瀀濴瀅瀇濔瀃瀃瀆 濜濙濧濧濧澳濥瀈濿濸瀆 濔瀃瀃瀆澳澹澳濥瀈濿濸瀆 濄濅濊 濇濃 濄濉濇 濄濊濊 濇 濅濆濄 濔瀀瀂瀈瀁瀇 濜瀁瀇瀅濴濴濶瀇濼瀂瀁瀆 濜瀁瀇濸瀅濴濶瀇濼瀂瀁瀆 Fig. 3. Amount of Different Dataset’s Interaction Dependency. or rules can form insecure interactions. We will continue to study in this direction and hope to implement it. Strategy II: Let application developers pay more attention to this kind of problem. In the development process, try to combine the conditions of multiple sensor data and events to enhance the trigger conditions of the commands. What’s more, we can do this by code instrumentation, and it is also compatible with older versions of the applications. IV. EXPERIMENTAL EVALUATION A. Setup We obtain all 187 applications in the Samsung SmartThings platform, 14 of which are unable to analyze because of dy￾namic pages; 48 SmartApps are services for external services, there is no to-be-searched interaction defined in this paper, and 5 applications are about voice. The remaining 120 applications can be successfully analyzed. We collect all the 244 rules for the SmartThings applications from the IFTTT platform, and choose 98 rules with keyword “when”, but some of the rules that are not supportted by SmartThings platform and some rules’ semantic are the same, so finally the number of rules that are successfully converted into SmartApp is 41. We conduct our experiments on a machine with Intel Core i5-4210M 2.60GHz CPU, 16.0GB RAM and Ubuntu 1604 operating system. B. Experimental Result To better assess our tools, we conducted experimental analysis from three perspectives. RQ 1: How effective is IoTIE in extracting interactions cross multi-platforms? RQ 2: After risk analysis of the interactions, what prob￾lems do we find? RQ 3: Compared with other tools, what are our strengths? RQ 1: The Effectiveness to find the interactions. We conducted four groups of experiments. The datasets contains 120 SmartApps, 41 rules and mixed together respectively. The last group is that the two sides of an interaction are formed by SmartApps and rules. The results are shown in Figure 3. 177 interactions were formed by 120 SmartApps; 4 interactions were formed by 41 rules; There are 231 interactions in the dataset of 120 SmartApps and 41 rules. It can be seen that when rules are added, there are more interactions that users do not expect 993