Eric Zeng, Shrirang Mare, and Franziska Roesner, University of Washington
The Internet of Things is becoming increasingly widespread in home environments. Consumers are transforming their homes into smart homes, with internet-connected sensors, lights, appliances, and locks, controlled by voice or other user-defined automations. Security experts have identified concerns with IoT and smart homes, including privacy risks as well as vulnerable and unreliable devices. These concerns are supported by recent high profile attacks, such as the Mirai DDoS attacks. However, little work has studied the security and privacy concerns of end users who actually set up and interact with today's smart homes. To bridge this gap, we conduct semi-structured interviews with fifteen people living in smart homes (twelve smart home administrators and three other residents) to learn about how they use their smart homes, and to understand their security and privacy related attitudes, expectations, and actions. Among other findings, we identify gaps in threat models arising from limited technical understanding of smart homes, awareness of some security issues but limited concern, ad hoc mitigation strategies, and a mismatch between the concerns and power of the smart home administrator and other people in the home. From these and other findings, we distill recommendations for smart home technology designers and future research.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Eric Zeng and Shrirang Mare and Franziska Roesner},
title = {End User Security and Privacy Concerns with Smart Homes},
booktitle = {Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017)},
year = {2017},
isbn = {978-1-931971-39-3},
address = {Santa Clara, CA},
pages = {65--80},
url = {https://www.usenix.org/conference/soups2017/technical-sessions/presentation/zeng},
publisher = {USENIX Association},
month = jul
}