We explore the risks to security and privacy in IoT networks by setting up an inexpensive home automation network and performing a set of experiments intended to study attacks and defenses. We focus on privacy preservation in home automation networks but our insights can extend to other IoT applications. Privacy preservation is fundamental to achieving the promise of IoT, Industrial Internet and M2M. We look at both simple cryptographic techniques and information manipulation to protect a user against an adversary inside the IoT network or an adversary that has compromised remote servers. We show how user data can be masked or selectively leaked and manipulated. We provide a blueprint for inexpensive study of IoT security and privacy using COTS products and services.
Is cybersecurity research missing a trick? Integrating insights from the psychology of habit into research and practice.
The idea that people should form positive security habits is gaining increasing attention amongst security...