DOCSLIB.ORG

Flaws on a Billion Devices: Rethinking

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Flaws on a Billion Devices: Rethinking Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the Internet-of-Things Tianlong Yuy, Vyas Sekary, Srinivasan Seshany, Yuvraj Agarwaly, Chenren Xuz yCarnegie Mellon University, zCECA Peking University ABSTRACT Interac0on/control!over! Launchpad!for!deep!and! physical!environment! ! scalable!a;acks! The Internet-of-Things (IoT) has quickly moved from the ! ! realm of hype to reality with estimates of over 25 billion ! ! devices deployed by 2020. While IoT has huge potential for societal impact, it comes with a number of key security Privacy!leaks! challenges—IoT devices can become the entry points into IoT!Challenges! critical infrastructures and can be exploited to leak sensitive Tradi0onal!IT! ContextBdependence! information. Traditional host-centric security solutions in Policies! Sta0c,!PerBhost! CrossBdevice!interac0ons!! today’s IT ecosystems (e.g., antivirus, software patches) are Simple!honeypots! Device/Vendor!diversity! Learning! fundamentally at odds with the realities of IoT (e.g., poor Few!configura0ons! CrossBdevice!interac0ons! vendor security practices and constrained hardware). We ar- Host!Patch/An0virus! Device!constraints! Enforcement! gue that the network will have to play a critical role in se- Perimeter!Appliances! Deep!access!to!a;acker! curing IoT deployments. However, the scale, diversity, cy- Figure 1: IoT security challenges and how/why conven- berphysical coupling, and cross-device use cases inherent to tional IT security approaches are found wanting IoT require us to rethink network security along three key dimensions: (1) abstractions for security policies; (2) mech- While IoT has huge potential, it also comes with its share anisms to learn attack and normal profiles; and (3) dynamic of challenges. Most vendors only deal with parts of the IoT and context-aware enforcement capabilities. Our goal in this ecosystem and, typically, their priorities have been providing paper is to highlight these challenges and sketch a roadmap novel functionality, getting their products to market soon, to avoid this impending security disaster. and making them easy to use. Unfortunately, security and privacy risks have not received as much attention. Since IoT Categories and Subject Descriptors devices will typically be embedded deep inside networks, C.2.0 [Computer-Communication Networks]: General- they are attractive attack targets and may become the “weak- security and protection; C.2.1 [Computer-Communication est link” for breaking into a secure IT infrastructure [17], or Networks]: Network Architecture and Design-distributed for leaking sensitive information about users and their be- networks haviors [18]. These are not hypothetical concerns as several actual attacks have already been reported. For example, IoT General Terms devices were used as bots to launch DDoS or spam [3], smart Security, Design meters were hacked to lower utility bills [15], and handheld scanners were compromised to enter logistics firms [6]. 1 Introduction Today’s IT security ecosystem, which relies on a combi- The Internet-of-Things (IoT) has quickly moved from hype nation of static perimeter network defenses (e.g., firewalls to reality; Gartner, Inc. estimates that the number of de- and intrusion detection/prevention systems), ubiquitous use ployed IoT devices will grow from 5 Billion in 2015 to 25 of end-host based defenses (e.g, antivirus), and software Billion in 2020 [4]. Like other disruptive technologies, such patches from vendors (e.g., Patch Tuesday), is fundamen- as smartphones and cloud computing, IoT holds the potential tally ill-equipped to handle IoT deployments (Figure 1). for societal scale impact by transforming many industries as Specifically, the scale, heterogeneity, use cases, and device well as our daily lives. and vendor constraints of IoT means that traditional ap- proaches fall short along three key dimensions: • Types of policies: IoT devices can interact with other de- Permission to make digital or hard copies of all or part of this work for vices via explicit channels (e.g. a single app may use mul- personal or classroom use is granted without fee provided that copies are tiple IoT devices) or implicitly by affecting the physical not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to world around them (e.g., an IoT light bulb may trigger republish, to post on servers or to redistribute to lists, requires prior specific an IoT light sensor). Thus, compromised IoT devices can permission and/or a fee. affect both applications that use them explicitly as well HotNets ’15 November 16–17 2015, Philadelphia, PA USA Copyright 2015 ACM 978-1-4503-4047-2 ...$15.00. as applications with implicit or indirect cross-device de- Row Device Device Num. Vulnerability Device Cross-device policies Typical Example 1. Avtech Cam 130k exposed account/password If Nest Protect detects smoke, NEST Protect 188 2. TV Set-top box 61k exposed access then turn Philips hue lights on. 3. Smart Refrigerator 146 exposed access Turn of WeMo Insight if SmartThing Wemo Plugin 227 4. CCTV Cam 30k (by IP) unprotected RSA key pairs shows no body is at home. 5. Traffic Light 219 no credentials Activate your Manythings Camera Scout Alarm 63 6. Belkin Wemo >500k (estimated) open DNS resolver, use for DDoS if Alarm is Triggered. 7. Belkin Wemo >500k (estimated) exposed access, bypass app Table 2: Cross device policy examples. Table 1: Examples of Known IoT Vulnerabilities. pendencies. The result is that the security for an IoT de- teractions. Finally, we present the issues in using current ployment are likely to be complex and dynamic since they enforcement mechanisms and highlight the requirements for depend on both physical (e.g. environmental parameters) IoT security. and computational (e.g., the state of other related devices) 2.1 Motivating Scenarios contexts. IoT Vulnerability Cases: Table 1 lists a small subset of • di- Learning signatures and anomalous behaviors: The IoT device vulnerabilities found from SHODAN [14] and versity of IoT devices and vendors inevitably means that other sources. The examples come from different types of traditional approaches of discovering attack signatures IoT devices, including: cameras (Row 1 and 4), Set-top box (e.g., honeypots) will be insufficient and/or non-scalable. (Row 2), Smart Appliance (Row 3), Traffic light (Row 5) Furthermore, there might be implicit dependencies where and Smart Plugs (Row 6 and 7). The first three cases are device interactions are indirectly coupled through the en- examples where the devices have hardcoded default user- vironment. Thus, we need new mechanisms to learn sig- name/passwords (“admin/admin” for Avtech cameras) or de- natures and infer such cross-device dependencies to in- vices with open IPs, ports and protocols that can be accessed form security policies. (Row 2 and 3). The fourth example is a CCTV setup with • Enforcement mechanisms: Since IoT devices operate unprotected RSA key pairs in the firmware image for ≈30K deep inside the network, traditional perimeter defenses devices [20]. Here, an attacker can gain access to the devices are ineffective. At the same time, IoT devices typically and mount more complex attacks on the internal networks, do not run full-fledged operating systems, require low- turn on/off devices, or compromise the privacy of individ- power consumption and are resource constrained. More- uals. To date, these vulnerabilities remain unpatched. The over, the longevity of these devices means that vulnerable traffic light vulnerability (Row 5) allows unfettered access of devices (e.g., default passwords, unpatched bugs) remain 219 traffic lights, enabling an attacker to change traffic lights deployed long after vendors cease to produce or support and even cause accidents [14]. The last two examples (Row them. Thus, traditional host- or device-centric mecha- 6,7) are vulnerabilities in the popular Belkin Wemo line of nisms (e.g., antivirus, patches) are impractical to expect smart home products. The Wemo devices run a open DNS in an IoT world. Finally, given that the environment and resolver which was used to mount a DDoS attack. The sec- device behaviors can change rapidly, we need to rapidly ond vulnerability allows open access to the devices across reassess and update the system’s security posture. Unfor- the Internet (not just on the LAN), which means that their tunately, today’s security enforcement schemes stem from data (power usage) be accessed and they can even be turned a static mindset and cannot handle such dynamics. ON/OFF remotely. In summary, these anecdotes suggest that Rather than chase the hopeless goal of IoT devices that vulnerable IoT devices can create a significant threat to the are secure-by-construction, we need pragmatic “bolt-on” so- security of our networked infrastructures and compromise lutions for securing IoT that acknowledge the realities of the privacy of individuals. marketplace (e.g., existing devices, poor software practices, Cross-device dependencies: Like typical network de- patch unavailability) and the practical challenges associated vices, IoT devices can communicate explicitly with each with IoT (e.g., resource or software constraints). Unlike other. For example, a networked thermostat (e.g., NEST) traditional IT ecosystems where host-based detection and can control the air-conditioning system in a smart home. prevention are prevalent, we believe that the device and However, unlike traditional devices, IoT devices can also ecosystem limitations of IoT will need the the network to be coupled through the physical environment leading to (re)emerge as the key vantage point for enforcing security implicit dependencies. For instance, a temperature sen- policies. In the rest of the paper, we elaborate on the chal- sor can be connected to a service like IF-This-Then-That lenges with respect to policies, policy learning, and enforce- (IFTTT) [7] to open windows to cool down a space when ment and discuss preliminary ideas for rethinking network the air-conditioning is not active.
Load more

Recommended publications
  • Valorising the Iot Databox: Creating Value for Everyone Charith Perera1*, Susan Y
    TRANSACTIONS ON EMERGING TELECOMMUNICATIONS TECHNOLOGIES Trans. Emerging Tel. Tech. 2017; 28:e3125 Published online 11 November 2016 in Wiley Online Library (wileyonlinelibrary.com). DOI: 10.1002/ett.3125 RESEARCH ARTICLE Valorising the IoT Databox: creating value for everyone Charith Perera1*, Susan Y. L. Wakenshaw2, Tim Baarslag3, Hamed Haddadi4, Arosha K. Bandara1, Richard Mortier5, Andy Crabtree6, Irene C. L. Ng2, Derek McAuley6 and Jon Crowcroft5 1 School of Computing and Communications, The Open University, Walton Hall, Milton Keynes MK7 6AA, UK 2 Warwick Manufacturing Group, University of Warwick, Coventry CV4 7AL, UK 3 University of Southampton, Southampton SO17 1BJ, UK 4 School of Electronic Engineering and Computer Science, Queen Mary University of London, Mile End Road, London E1 4NS, UK 5 Computer Laboratory, University of Cambridge, Cambridge CB3 0FD, UK 6 School of Computer Science, University of Nottingham, Jubilee Campus, Nottingham NG8 1BB, UK ABSTRACT The Internet of Things is expected to generate large amounts of heterogeneous data from diverse sources including physical sensors, user devices and social media platforms. Over the last few years, significant attention has been focused on personal data, particularly data generated by smart wearable and smart home devices. Making personal data available for access and trade is expected to become a part of the data-driven digital economy. In this position paper, we review the research challenges in building personal Databoxes that hold personal data and enable data access by other parties and potentially thus sharing of data with other parties. These Databoxes are expected to become a core part of future data marketplaces. Copyright © 2016 The Authors Transactions on Emerging Telecommunications Technologies Published by John Wiley & Sons, Ltd.
    [Show full text]
  • A Systematic Survey of Firmware Extraction Techniques for Iot Devices
    Breaking all the Things | A Systematic Survey of Firmware Extraction Techniques for IoT Devices Sebastian Vasile, David Oswald, and Tom Chothia University of Birmingham [email protected], [email protected], [email protected] Abstract. In this paper, we systematically review and categorize differ- ent hardware-based firmware extraction techniques, using 24 examples of real, wide-spread products, e.g. smart voice assistants (in particular Amazon Echo devices), alarm and access control systems, as well as home automation devices. We show that in over 45% of the cases, an exposed UART interface is sufficient to obtain a firmware dump, while in other cases, more complicated, yet still low-cost methods (e.g. JTAG or eMMC readout) are needed. In this regard, we perform an in-depth investiga- tion of the security concept of the Amazon Echo Plus, which contains significant protection methods against hardware-level attacks. Based on the results of our study, we give recommendations for countermeasures to mitigate the respective methods. 1 Introduction Extracting the firmware from IoT devices is a crucial first step when analysing the security of such systems. From a designer's point of view, preventing the firmware from falling into the hands of an adversary is often desirable: for in- stance, to protect cryptographic keys that identify a device and to impede prod- uct counterfeit or IP theft. The large variety of IoT devices results in different approaches to firmware extraction, depending on the device in question. Past work has looked at the state of security of IoT devices, e.g.
    [Show full text]
  • 2017 Iot & Consumer Electronics Guide
    PRESENTED BY 2017 IoT & CONSUMER ELECTRONICS ELECTRONICS COOLING® GUIDE SERIES | www.electronics-cooling.com 2017 IoT & CONSUMER ELECTRONICS GUIDE www.electronics-cooling.com | 2 | Electronics Cooling® Guide 2017 IoT & CONSUMER ELECTRONICS GUIDE TABLE OF CONTENTS Product Matrix (Thermal Management Manufacturers) 6 Product Selector 8 Electronics Cooling of Humans 10 MP DIVAKAR, PHD Technical Editor, Electronics Cooling Thermal Management in 12 Consumer-Grade Digital Cameras MP DIVAKAR, PHD Technical Editor, Electronics Cooling Thermal Management-Enabled 14 Products at CES 2017 MP DIVAKAR, PHD Technical Editor, Electronics Cooling Thermal Management of IoT 19 Hardware: Gateways MP DIVAKAR, PHD Technical Editor, Electronics Cooling Inductive Wireless Charging is 23 Now a Thermal Design Problem DR. VINIT SINGH NuCurrent, CTO REFERENCE SECTION Ecosystems 28 Overview of Components of 29 IoT & Consumer Electronics Products Design Aids & Tools 32 Calculations 33 Index of Advertisers 34 www.electronics-cooling.com | 3 | Electronics Cooling® Guide FOREWARD In this inaugural issue of Electronics Cooling®’s series of digital guides, IoT & Consumer Electronics, we seek to sup- ply you with the latest in thermal management of consumer electronics and the Internet of Things. The intent of these digital guides is to bring you a collection of articles and information on thermal management ma- terials. This issue features a brief description of the ecosystem for thermal management products, an overview of thermal management challenges, and some high-level descriptions of thermal design elements. We also feature more in-depth coverage in longer articles on select products. There are many unique challenges that every thermal management professional has to address with respect to IoT and Consumer Electronics products.
    [Show full text]
  • Google Onhub
    built for User Guide OnHub REV1.0.1 1910011984 COPYRIGHT & TRADEMARKS Specifications are subject to change without notice. TP-Link is a registered trademark of TP-Link Technologies Co., Ltd. Google, Google On, OnHub and other trademarks are owned by Google Inc. Other brands and product names are trademarks of their respective holders. Copyright © 2016 TP-Link Technologies Co., Ltd. All rights reserved. http://www.tp-link.com 1 FCC STATEMENT This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures: • Reorient or relocate the receiving antenna. • Increase the separation between the equipment and receiver. • Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. • Consult the dealer or an experienced radio/ TV technician for help. This device complies with part 15 of the FCC Rules. Operation is subject to the following two conditions: ) 1 This device may not cause harmful interference.
    [Show full text]
  • Iot Or Not Identifying Iot Devices in a Short Time Scale
    The Interdisciplinary Center, Herzlia Efi Arazi School of Computer Science M.Sc. program - Research Track IoT or NoT Identifying IoT Devices in a Short Time Scale by Haim Levy M.Sc. dissertation, submitted in partial fulfillment of the requirements for the M.Sc. degree, research track, School of Computer Science The Interdisciplinary Center, Herzliya April 2020 This work was carried out under the supervision of Prof. Anat Bremlar- Barr and the assistance of Prof. Zohar Yakhini from the Efi Arazi School of Computer Science, The Interdisciplinary Center, Herzliya. Abstract In recent years the number of IoT devices in home networks has increased dra- matically. Whenever a new device connects to the network, it must be quickly managed and secured using the relevant security mechanism or QoS policy. Thus a key challenge is to distinguish between IoT and NoT devices in a matter of min- utes. Unfortunately, there is no clear indication of whether a device in a network is an IoT. In this paper, we propose different classifiers that identify a device as IoT or non-IoT, in a short time scale, and with high accuracy. Our classifiers were constructed using machine learning techniques on a seen (training) dataset and were tested on an unseen (test) dataset. They successfully classified devices that were not in the seen dataset with accuracy above 95%. The first classifier is a logistic regression classifier based on traffic features. The sec- ond classifier is based on features we retrieve from DHCP packets. Finally, we present a unified classifier that leverages the advantages of the other two classi- fiers.
    [Show full text]
  • Avoid the Silos and Help Build the True Internet of Things
    Avoid the Silos and Help Build the True Internet of Things April 2016 Aaron Vernon, CTO at Higgns [email protected] I N T R O D U C T I O N ● Aaron Vernon, CTO at Higgns ● Previously I was VP Software Engineering at LIFX and CTO at Two Bulls ● Chair of the AllSeen Alliance Common Frameworks Working Group ● I am going to cover the following: ○ The complexities of the current IoT landscape ○ How this affects companies and users ○ The Internet of Silos example ○ How we can work together better Transports W i F i ● Uses the 802.11 standard ● Standard on all mobile devices and routers ● Has become ubiquitous for users ● Great range ● Great bandwidth ● High power consumption ● High cost ● Onboarding experience can be complicated ● Examples: Nest Cam, LIFX, Canary, Honeywell Lyric B L U E T O O T H S M A R T ● Standard on most mobile devices ● Becoming increasingly ubiquitous ● Low bandwidth ● Medium range ● Low power consumption ● Low cost ● Smart Mesh is being worked on ● Examples: Flic, Ilumi, Elgato Eve Z I G B E E ● Uses the 802.15.4 standard ● Low bandwidth ● Low range ● Low power consumption ● Very low cost ● Forms a mesh network ● Typically requires a hub for the radio ● Known to have interop and interference problems ● Examples: Phillips Hue, large amount of sensors and actuators Z W A V E ● Proprietary - chips developed by a single manufacturer ● Uses different frequencies in different countries ● Low bandwidth ● Medium range ● Low power consumption ● Very low cost ● Forms a mesh network ● Better interoperability and less interference
    [Show full text]
  • Estado Diario Subdirección De Marcas 17/01/2018 1
    Estado Diario Subdirección de Marcas 17/01/2018 Sección M1: Observaciones de Forma Solicitud Representante Tipo signo Marca Observaciones 1252792 Patricio de la Barra , en representación de Mixta FITÓ Semillas Fito, S.A. 1252793 Patricio de la Barra , en representación de Mixta FITÓ Semillas Fito, S.A. 1259458 SILVA Y CIA., en representación de Johnson Denominativa JOHNSON CONTROLS Controls Technology Company 1259839 ALESSANDRI & COMPAÑIA, en representación Mixta CENTRAL PERK de Warner Bros. Entertainment Inc. 1265854 SARGENT & KRAHN, en representación de Denominativa STARR STARR INTERNATIONAL COMPANY INC. 1266201 Ricardo Cabrera Fernández, en representación Mixta PUERTAS ABIERTAS de ELEODORO TORRES GONZALEZ 1266365 Jorge Luis Pino Zúñiga, en representación de Mixta BATHLUX BATHROOM EXPERTS HONGYU WANG OTAY 2015, S. L. B-90200320 1266536 Nicolo Antonio Lira Airola Mixta Cerveza Chercán 1270401 JULIO CESAR AVALOS CARROZA, en Denominativa SMART TAPE representación de SOC. COM. SOLCOMER LTDA. 1272227 Patricio Eduardo Aguilera Diaz, en representación Denominativa CRIN DE RARI de Maestra Madre Crin SpA y Agrupación de Artesanas de Rari 1273353 JFM FOOD SPA Denominativa El Bajon del Maipo 1273862 KAREN PUPKIN RUTMAN, en representación de Mixta CLINIK R ODONTOLOGÍA CLINIKR SPA 1274567 Opazo Cancino Francisco Omar Mixta OFC Landi-Hartog 1274704 ESTUDIO FEDERICO VILLASECA Y COMPAÑIA, Mixta PACERS GAMING en representación de NBA Properties, Inc. 1274708 ESTUDIO FEDERICO VILLASECA Y COMPAÑIA, Mixta PISTONS GT en representación de NBA Properties, Inc. 1274710 ESTUDIO FEDERICO VILLASECA Y COMPAÑIA, Mixta CAVS LEGION GC en representación de NBA Properties, Inc. 1274711 ESTUDIO FEDERICO VILLASECA Y COMPAÑIA, Mixta MAVS GAMING en representación de NBA Properties, Inc. 1 Estado Diario Subdirección de Marcas 17/01/2018 Sección M1: Observaciones de Forma Solicitud Representante Tipo signo Marca Observaciones 1274713 ESTUDIO FEDERICO VILLASECA Y COMPAÑIA, Mixta KINGS GUARD GAMING en representación de NBA Properties, Inc.
    [Show full text]
  • User Preferences, Network Cookies and Neutrality
    Neutral Net Neutrality Yiannis Yiakoumis, Sachin Katti, and Nick McKeown Stanford University ABSTRACT Alexa ranking 1 10 100 1000 >5000 Should applications receive special treatment from the network? And if so, who decides which applications 10 are preferred? This discussion, known as net neutral- 8 ity, goes beyond technology and is a hot political topic. 6 In this paper we approach net neutrality from a user’s # of users 4 perspective. Through user studies, we demonstrate that 2 users do indeed want some services to receive preferen- tial treatment; and their preferences have a heavy-tail: skai.gr nbc.com cnn.com hulu.com cucirca.eu netflix.com abc.go.com a one-size-fits-all approach is unlikely to work. This speetest.net facebook.com starsports.com mail.google.com usanetwork.com espncricinfo.com ticketmaster.com suggests that users should be able to decide how their intercallonline.com ondemandkorea.com traffic is treated. A crucial part to enable user prefer- Figure 1: If given the choice, which websites would home ences, is the mechanism to express them. To this end, users prioritize? The preferences have a heavy tail: 43% of we present network cookies, a general mechanism to ex- the preferences are unique, with a median popularity index press user preferences to the network. Using cookies, of 223. we prototype Boost, a user-defined fast-lane and deploy it in 161 homes. programs promise that certain traffic is free from data caps (aka zero-rating). Similarly, others have proposed CCS Concepts giving some traffic a fast-lane over the last mile.
    [Show full text]
  • Valorising the Iot Databox: Creating Value for Everyone Charith Perera1*, Susan Y
    TRANSACTIONS ON EMERGING TELECOMMUNICATIONS TECHNOLOGIES Trans. Emerging Tel. Tech. (2016) Published online in Wiley Online Library (wileyonlinelibrary.com). DOI: 10.1002/ett.3125 RESEARCH ARTICLE Valorising the IoT Databox: creating value for everyone Charith Perera1*, Susan Y. L. Wakenshaw2, Tim Baarslag3, Hamed Haddadi4, Arosha K. Bandara1, Richard Mortier5, Andy Crabtree6, Irene C. L. Ng2, Derek McAuley6 and Jon Crowcroft5 1 School of Computing and Communications, The Open University, Walton Hall, Milton Keynes MK7 6AA, UK 2 Warwick Manufacturing Group, University of Warwick, Coventry CV4 7AL, UK 3 University of Southampton, Southampton SO17 1BJ, UK 4 School of Electronic Engineering and Computer Science, Queen Mary University of London, Mile End Road, London E1 4NS, UK 5 Computer Laboratory, University of Cambridge, Cambridge CB3 0FD, UK 6 School of Computer Science, University of Nottingham, Jubilee Campus, Nottingham NG8 1BB, UK ABSTRACT The Internet of Things is expected to generate large amounts of heterogeneous data from diverse sources including physical sensors, user devices and social media platforms. Over the last few years, significant attention has been focused on personal data, particularly data generated by smart wearable and smart home devices. Making personal data available for access and trade is expected to become a part of the data-driven digital economy. In this position paper, we review the research challenges in building personal Databoxes that hold personal data and enable data access by other parties and potentially thus sharing of data with other parties. These Databoxes are expected to become a core part of future data marketplaces. Copyright © 2016 The Authors Transactions on Emerging Telecommunications Technologies Published by John Wiley & Sons, Ltd.
    [Show full text]
  • Swann Security with the Google Assistant Setup Guide
    THE SWANN SECURITY SERVICE WITH GOOGLE ASSISTANT SETUP GUIDE English 1 SWANN SECURITY WORKS WITH THE GOOGLE ASSISTANT Now it’s even easier to see what’s happening. You can ask your Google Assistant to show your Swann Security Cameras on your TV with Chromecast. Read this guide to learn how to connect your Swann Security cameras to your Google Assistant and enable voice control. GETTING STARTED Before you start, please make sure that: → You have the Swann Security app → You have a Swann Security account with a Swann device(s) paired → You have a Chromecast-connected TV → You have the Google Home app on your phone → You have the Google Assistant (built-in or app) on your phone or a Google Home device installed. For more information about the Google Assistant, see "Get started with the Google Assistant on your phone or tablet" 2 LINKING TO THE GOOGLE ASSISTANT To use Google Assistant voice control with your Swann Security cameras, follow these steps: STEP 1 STEP 2 STEP 3 STEP 4 Open the Google Tap the Home tab Tap + in the top left Choose Set up Home app. at the bottom of the corner. Device. screen. 3 LINKING TO THE GOOGLE ASSISTANT STEP 5 STEP 6 STEP 7 STEP 8 Choose "Have Scroll the list or tap The “Swann To link the Swann something already and search for Security” service Security service, set up" under “Swann Security”. will appear in the you will need your Works with Google. results. Tap it. Swann Security account credentials. 4 LINKING TO THE GOOGLE ASSISTANT STEP 9 STEP 10 STEP 11 Enter the email and Google Assistant Google Assistant is now ready to password associated will link your Swann interact with your cameras.
    [Show full text]
  • Apple Homekit
    Avoid the silos and help build the true Internet of Things Introduction ● Aaron Vernon, CTO at Two Bulls ● Been at Two Bulls from the beginning with two stretches away at startups - CTO of Blokify and VP Software Engineering at LIFX ● Member of the AllSeen Alliance Technical Steering Committee ● I am going to cover the following: ○ The complexities of the current IoT landscape ○ How this affects companies and users ○ The Internet of Silos example ○ How we can work together better Transports WiFi ● Uses the 802.11 standard ● Standard on all mobile devices and routers ● Has become ubiquitous for users ● Great range ● Great bandwidth ● High power consumption ● High cost ● Onboarding experience can be complicated ● Examples: Nest Cam, LIFX, Canary, Honeywell Lyric Bluetooth Smart ● Standard on most mobile devices ● Becoming increasingly ubiquitous ● Low bandwidth ● Medium range ● Low power consumption ● Low cost ● Smart Mesh is being worked on ● Examples: Flic, Ilumi, Elgato Eve ZigBee ● Uses the 802.15.4 standard ● Low bandwidth ● Low range ● Low power consumption ● Very low cost ● Forms a mesh network ● Typically requires a hub for the radio ● Known to have interop and interference problems ● Examples: Phillips Hue, large amount of sensors and actuators Z-Wave ● Proprietary - chips developed by a single manufacturer ● Uses different frequencies in different countries ● Low bandwidth ● Medium range ● Low power consumption ● Very low cost ● Forms a mesh network ● Better interoperability and less interference than ZigBee ● Typically requires
    [Show full text]
  • Accepted Manuscript1.0
    6850 IEEE INTERNET OF THINGS JOURNAL, VOL. 6, NO. 4, AUGUST 2019 How Do I Share My IoT Forensic Experience With the Broader Community? An Automated Knowledge Sharing IoT Forensic Platform Xiaolu Zhang, Kim-Kwang Raymond Choo ,Senior Member, IEEE , and Nicole Lang Beebe, Senior Member, IEEE Abstract —It is challenging for digital forensic practitioners to typical investigation process, two or more investigators located maintain skillset currency, for example knowing where and how in different cities and/or countries may be forensically examin- to extract digital artifacts relevant to investigations from newer, ing the same (type of) device at the same time [see Fig. 1(a)]. emerging devices (e.g., due to the increased variety of data storage schemas across manufacturers and constantly changing models). As the experience and background of both investigators are This paper presents a knowledge sharing platform, developed likely to vary, the outcomes of the forensic investigations may and validated using an Internet of Things dataset released in the also differ (e.g., in terms of the types and extent of artifacts DFRWS 2017–2018 forensic challenge. Specifically, we present being recovered). an automated knowledge-sharing forensic platform that auto- As the diversity of devices increases (e.g., IoT, wearable, matically suggests forensic artifact schemas, derived from case data, but does not include any sensitive data in the final (shared) embedded, and other digital devices), so does the challenge schema. Such artifact schemas are then stored in a schema pool in the forensic examination of such devices [4]. For example, and the platform presents candidate schemas for use in new cases an investigator who is unfamiliar with a particular device that based on the data presented.
    [Show full text]