Paper Review: ContexloT: Towards Providing Contextual Integrity to Appified IoT Platforms

This is a paper review for: Jia, Yunhan Jack, et al. "ContexloT: Towards Providing Contextual Integrity to Appified IoT Platforms." NDSS. Vol. 2. No. 2. 2017.

Summary

The authors performed a study of possible attacks on IoT platforms that supports third-party apps. They picked Samsung's SmartThings as a use case. They introduced ContextIoT, which is a new backwardcompatible context-based permission system that identifies the context for sensitive actions and provides users with useful information to help them determine whether to approve or disprove a specific action in a particular context. They evaluated ContextIoT on a dataset of IoT attacks and found that neither performance nor usability was affected considerably

Things I liked

Things I did not like:

Further research

The authors used static analysis and runtime logging to analyze the risks of smart apps. I guess that took them some time. I think looking into more efficient means to analyze the risks of smartapps can be of benefit.

;