A household with smart devices may consist of a complex intermingling of device owners and non-owners, residents and visitors, adults and children, and many other categories of users. Although a common assumption is that each individual has their own un-shared account, it is common for multiple users to share the same account and password for… Read More SPLICE Publication: Optimistic Access Control for the Smart Home
With the increasing use and popularity of smart-home devices, there is an increasing need for a robust ecosystem to support the interoperability of devices from different manufacturers. The current ecosystem is fragmented, presenting difficulties for inter-device communications from different vendors. Matter, a unifying standard for smart home devices, released the first version of its specification… Read More New SPLICE Publication: Connected Smart Home over Matter Protocol
Misuse of smart devices by household members or visitors have been documented but have not been previously studied.… Read More New SPLICE Publication: Characterizing Everyday Misuse of Smart Home Devices
a provenance-based auditing framework that enables precise tracing of suspicious events in serverless applications… Read More SPLICE Publication: ALASTOR: Reconstructing the Provenance of Serverless Intrusions
Imagine you just moved to a new home or are renting a place for a weekend trip. A visual inventory can help you figure out where the refrigerator, TV, and even some security cameras are, but what if there are additional, hidden, electronic devices that were left behind by others? This paper focuses on detecting… Read More SPLICE Publication: The effect of polarization on nonlinear junction detection
Voice assistant systems (VAS) are software platforms such as Amazon Alexa or Google Assistant that complete various tasks using voice commands. VAS present opportunities for older adults to improve home safety, participate in remote monitoring, and optimize medication adherence. A recent study found that VAS ownership and use in older adults (>60 years) was similar to… Read More SPLICE Publication on Privacy concerns of older adults using voice-assistant systems
This past month, team members from all seven SPLICE institutions traveled to Hanover, New Hampshire, to meet in-person for the first time since the start of the project in October of 2020. Our annual meeting lasted two and a half days, with the first day including team professional development events, research-based meetings, and a poster… Read More Reflecting on Two Years of SPLICE Achievements
The Cybersecurity Assurance & Policy (CAP) Center at Morgan State University hosted two undergraduate engineering students and a high school STEM teacher to conduct IoT security research throughout summer ’21. The goal was for students to develop their team-building and leadership skills while working on an assigned research project and for the teacher to be… Read More SPLICE Paper on Engaging Students and Teachers in IoT Security Research
Fitness tracking applications allow athletes to record and share their exercises online, including GPS routes of their activities. However, sharing mobility data potentially raises real-world privacy and safety risks. One strategy to mitigate that risk is a “Privacy Zone,” which conceals portions of the exercise routes that fall within a certain radius of a user-designated… Read More New SPLICE Paper: ‘Users Can Deduce Sensitive Locations Protected by Privacy Zones on Fitness Tracking Apps’
As consumers adopt new Internet-connected devices, apps, and other software, they are often exposed to security and privacy vulnerabilities that they likely do not have time, expertise, or incentive to evaluate themselves. Can professionals and institutions help by evaluating the security and privacy of these products on behalf of consumers? As a first step, we… Read More New SPLICE Publication: ‘The Role of Product Reviewers in Evaluating Security and Privacy’
SPLICE 