Selective Forwarding Attack on IoT Home Security Kits

Hariri, Ali, Giannelos, Nicolas, Arief, Budi (2020) Selective Forwarding Attack on IoT Home Security Kits. In: Lecture Notes in Computer Science. Springer LNCS Proceedings, 2nd International Workshop on Attacks and Defenses for Internet-of-Things (ADIoT 2019). Springer ISBN 978-3-030-42047-5. (doi:10.1007/978-3-030-42048-2_23) (KAR id:75895)

PDF Author's Accepted Manuscript
Language: English
Efforts have been made to improve the security of the Internet of Things (IoT) devices, but there remain some vulnerabilities and misimplementations. This paper describes a new threat to home security devices in which an attacker can disable all functionality of a device, but to the device’s owner, everything still appears to be operational. We targeted home security devices because their security is critical as people may rely on them to protect their homes. In particular, we exploited a feature called “heartbeat”, which is exchanged between the devices and the cloud in order to check that the devices are still connected. Even though network traffic was encrypted, we successfully identified the heartbeats due to their fixed size and periodic nature. Thereafter, we established a man-in-the-middle attack between the device and the cloud and selectively forwarded heartbeats while filtering out other traffic. As a result, the device appears to be still connected (because the heartbeat traffic is being allowed through), while in reality the device’s functionality is disabled (because non-heartbeat traffic is being filtered out). We applied this exploit on a set of six devices, and five were found to be vulnerable. Consequently, an intruder can use this exploit to disable a home security device and break into a house without the awareness of the owner. We carried out a responsible disclosure exercise with the manufacturers of the affected devices, but the response has been limited. This shows that IoT security is still not taken completely seriously and many threats are still undiscovered. Finally, we provide some recommendations on how to detect and prevent the threats posed by insecure IoT devices, which ironically include IoT home security kits.

Item Type: Conference or workshop item (Proceeding)
DOI/Identification number: 10.1007/978-3-030-42048-2_23
Uncontrolled keywords: IoT · Security · Attack · Off-the-shelf Devices · Heartbeats · Selective Forwarding · SSL/TLS · WPA2
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Budi Arief
Date Deposited: 20 Aug 2019 09:41 UTC
Last Modified: 22 Feb 2021 00:00 UTC