Cyber-physical systems information gathering: A smart home case study

With the growth in the use of Cyber-Physical Systems, such as Internet of Things (IoT) devices, there is a corresponding increase in the potential attack footprint of personal and corporate users. In this paper, we explore the potential for exploiting information retrieved from two IoT devices which, seemingly, are unlikely to store substantial amounts of data. We specifically focus on prominent smart home devices for the purpose of obtaining compromising information. We undertake a collection and analysis process, constrained by the limitations placed upon three types of adversaries, namely: forensic passive, forensic active and real-time active. The former two adversaries aim to comply with the requirements of forensic soundness, whereas the real-time active adversary does not have these constraints and therefore more closely models a malicious real-world attacker. The findings show that a variety of device data is available to even the passive adversary, and this data can be used to determine the actions and/or presence of an individual at a given time based on their interactions with the IoT device. These interactions can be both user initiated (e.g. powering on or off a switch or light) and device initiated (e.g. background polling).