Lumos: Improving Smart Home IoT Visibility and Interoperability Through Analyzing Mobile Apps Jeongmin Kim * , Steven Y. Ko † , Sooel Son * and Dongsu Han * KAIST * , University at Buffalo, The State University of New York, USA † 1
Smart Home (Internet-of-Things) • Smart home (IoT) integrates diverse “smart” devices (sensors, actuators, and appliances) • By 2024, the market value is expected to reach $151.4 billion (CAGR 12.02%) • Major players are struggling to increase their market share ‣ Market reports indicate the existence of 450 IoT platforms world-wide as of 2017 151.4 76.6 2017 2018 2019 2020 2021 2022 2023 2024 Smart home market (USD billion) Major players in smart home market 2
IoT fragmentation is a significant barrier Status quo of smart home ecosystems • Three major smart home platforms and the number of devices they support • Three observations Cross-platform interoperation is impossible ‣ Devices are locked-in to a specific platform ‣ SmartThings Wink 219 Many IoT devices are still stand-alone ‣ 114 Insteon 52 Count(SmartThings ∩ Wink ∩ Insteon) = 1 Others (stand-alone) Count(SmartThings ∩ Wink) = 25 Fragmented IoT ecosystems 3
Efforts to overcome the obstacle Status quo of smart home ecosystems Requirements They are not Related work widely deployed!!!! 2 3 6 Research 68 14 31 57 Entirely changing current architecture Industry Vendors’ participation Industry projects [2] : A LOI, et al., A mobile multi-technology gateway to enable IoT interoperability, IEEE IoTDI 2016. [3] : A LOI, et al., Enabling IoT interoperability through opportunistic smartphone-based mobile gateways, Journal of Network and Computer Applications 81 2017 [6] : B LACKSTOCK, et al., IoT interoperability: A hub-based approach. In international conference on the internet of things, IEEE IOT 2014 [14]: D ESAI, et al., Semantic gateway as a service architecture for iot interoperability, IEEE MS 2015 [31]: K ILJANDER, et al., Semantic interoperability architecture for pervasive computing and internet of things, IEEE access 2 2014 [57]: SONG, et al., Semantic middleware for the internet of things, IEEE IOT 2010 4 [68]: Z ACHARIAH, et al., The internet of things has a gateway problem, ACM HotMobile 2015
Efforts to overcome the obstacle Status quo of smart home ecosystems Requirements They are not Previous approaches widely deployed!!!! 2 3 6 Goal Research 68 14 31 57 Interacting IoT devices without vendor participation Entirely change current architecture Improving interoperability without architectural modifications Industry Vendors’ participation Industry projects [2] : A LOI, et al., A mobile multi-technology gateway to enable IoT interoperability, IEEE IoTDI 2016. [3] : A LOI, et al., Enabling IoT interoperability through opportunistic smartphone-based mobile gateways, Journal of Network and Computer Applications 81 2017 [6] : B LACKSTOCK, et al., IoT interoperability: A hub-based approach. In international conference on the internet of things, IEEE IOT 2014 [14]: D ESAI, et al., Semantic gateway as a service architecture for iot interoperability, IEEE MS 2015 [31]: K ILJANDER, et al., Semantic interoperability architecture for pervasive computing and internet of things, IEEE access 2 2014 [57]: SONG, et al., Semantic middleware for the internet of things, IEEE IOT 2010 5 [68]: Z ACHARIAH, et al., The internet of things has a gateway problem, ACM HotMobile 2015
Mobile apps play a key role in interacting with IoT devices Key insight • They contain valuable information for interoperability ‣ The ability to monitor and control IoT devices ( visibility and controllability ) ‣ GUI of the apps includes semantic information Network message (turn on plug) URL http://192.168.13/upnp/control/basicevent1 wired Req body (xml - upnp) “Power off” <u:Envelope>… <BinaryState>0</BinaryState> …</u:Envelop> Wemo Insight Wemo app 6
7
Power off a Wemo when watching a Netflix movie Usage model: Lumos-app • Our key insight reflects two software components of Lumos • Lumos-app • Lumos-gateway { ‘ btn _ power _ off ’ : overlay UI ‘ btn _ bulb _ list ’ Semantic extraction 1 . Click button ‘ X ’ { click! 2 . Click button ‘ Y ’ IoT app User 3 . Move to activity ‘ X ’ 4 . Click button ‘ Z ’ Lumos-app Recording interactions (Teaching-mode) (will be described in design part) 8
Power off a Wemo when watching a Netflix movie Usage model: Lumos-gateway • Our key insight reflects two software components of Lumos Semantics: ’btn_power_off’ • Lumos-app URL • Lumos-gateway { http:/ /192.168.13/upnp/control/ Network basicevent1 message Req body (xml - upnp) { <u:Envelope>… <BinaryState>0</BinaryState> ‘Power off a plug’ … </u:Envelop> Learning network message Using this information Wemo Lumos-gateway Insight Lumos-app (Teaching-mode) Issuing message Monitoring message ( controllability ) ( Visibility ) 9
Power off a Wemo when watching a Netflix movie Usage model: configuring an interoperation rule • After teaching phase, Alice makes an configuration • Rule consists of ‘condition’ and ‘control’ ① Monitoring condition message Learned information 1 1 1 1 Set ’ start _ stream ’ condition Chromecast 2 3 1 Set 4 control ‘ btn _ power _ off ’ Lumos-gateway ② Issuing control message Interoperation Wemo Insight rule registration Lumos-app (Configuration mode) 10
11
Challenges C1: identifying a specific message C2: learning semantic of a specific message C3: supporting interoperation Unrelated traffic click! in background Monitoring condition message 1 1 1 IoT app 1 1 4 Issuing control message 12
System design Overview C1 Program binary analysis UI & Signature pairs Program binary ① Learning from IoT Apps C3 C2 Traffic learning Interoperation builder Learning instances Interoperation runner Semantics learning (static + dynamic information + semantics) User ② Learning from Users ③ Interoperation support & Traffic learning 13
System design C1: Learning from program binary (APK) C1 Output Input Network Network Network Signature Building Signature Signature Signature UI Component UI Identification UI Program binary UI component component component Static program analysis Signature-UI pair Objective: pairs a UI component with the regex signatures of control/status messages 14
System design C1: Learning from program binary (APK) C1 • Signature building [Extractocol CoNEXT’16] ‣ It conducts a static taint analysis to extract network message signatures ‣ It also provides a call graph of an app that is used in the UI component identification Building CFG Program slicing IoT app Signature A network signature of HUE extraction Signature building 15
System design C1: Learning from program binary (APK) C1 • UI control Identification ‣ Identifying all event listeners that eventually generate network messages ‣ Performing a backward call graph analysis for each event listener ‣ Identifying the resource ID for an event listener through a taint analysis class : BrightnessSeekBarView public BrightnessSeekBarView ( Context arg7 , A ttributeSet arg8 , int arg9 ) { … Resource ID this . a = this . findViewById ( 0x7F0D009C ) this . a . setOnSeekBarChangeListener ((( SeekBar $ OnSeekBarChangeListener ) this )); … } ③ set a taint seed ② Identify Set eventListener class : A bstractBrightnessSeebar implements SeekBar & OnSeekBarChangeListener public void onProgressChanged ( SeekBar arg4 , int arg5 , boolean arg6 ) { this . c = arg6 ; A pair of signature and UI component of HUE this . d . Turn _ on _ a _ bulb _ method ((( c ) this ), this . c , arg6 , false ); } ① Backward call-flow traversal HUE app UI finding example 16
System design Dy Dynamic traffic learning C1 Output Input Signature-UI pair + Packet matcher http:/ / (.*) /api/ (.*) /lights/ ([0-9])+ /state UI : http:/ / 192.168.0.1 /api/ 0 /lights/ 0 /state Packet learner Matched network message Network traffic Dynamic traffic learning Learning instance Objective: learns values that are determined at runtime 17
② System design Dy Dynamic traffic learning C1 • Lumos-gateway detects and captures the network messages that match the network signatures fields { • It also filters some of the attribute values not-change over time by automatically message generating URL … Req body ( xml - upnp ) Pair DB < u : Envelope >… 1 < BinaryState > 0 </ BinaryState > < RequestTime > 164802 </ RequestTime > Matched packets </ u : Envelop > ③ : update Packet matcher 1 2 3 URL … Req body ( xml - upnp ) unchangeable < u : Envelope >… 2 < BinaryState > 0 </ BinaryState > < RequestTime > 164900 </ RequestTime > </ u : Envelop > URL … Req body ( xml - upnp ) Packet learner < u : Envelope >… 3 < BinaryState > 0 </ BinaryState > < RequestTime > 164957 </ RequestTime > </ u : Envelop > + ① UI interaction (user and replay recorded scripts) 18
System design C1: Semantic learning from User C2 Signature-UI pair + http:/ / (.*) /api/ (.*) /lights/ ([0-9])+ /state + UI “Turn on a bulb in the living room” : http:/ / 192.168.0.1 /api/ 0 /lights/ 0 /state Semantic tag User Matched network message Learning instance Objective: learns semantic of a specific network message 19
Recommend
More recommend