It is a list of IoT security papers from recent top conferences.
Alexa Control:
Access Control:
-
TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applications, NDSS, 2020
-
Multi-User Multi-Device-Aware Access Control System for Smart Home, WiSec, 2020
-
IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT, NDSS, 2019
-
Situational Access Control in the Internet of Things, CCS, 2018
-
HAWatcher: Semantics-Aware Anomaly Detection for Appified Smart Homes, USENIX Security, 2021
-
PFirewall: Semantics-Aware Customizable Data Flow Control for Home Automation Systems, NDSS, 2021
-
Cross-App Interference Threats in Smart Homes: Categorization, Detection and Handling, DSN, 2020
App Vulnerabilities:
-
Real-time Analysis of Privacy-(un)aware IoT Applications, Security arXiv, 2020
-
Looking from the Mirror: Evaluating IoT Device Security through Mobile Companion Apps, USENIX Security, 2019
Device or Network Vulnerabilities:
-
SoK: Security Evaluation of Home-Based IoT Deployments, IEEE S&P, 2019
-
Burglars' IoT Paradise: Understanding and Mitigating Security Risks of General Messaging Protocols on IoT Clouds, IEEE S&P, 2020
-
Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses, IEEE S&P, 2020
-
Packet-Level Signatures for Smart Home Devices, NDDS, 2020
-
BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals, NDSS, 2020
-
All Things Considered: An Analysis of IoT Devices on Home Networks, USENIX Security, 2019
-
HoMonit: Monitoring Smart Home Apps from Encrypted Traffic, CCS , 2018
Inter-app or Platform Vulnerabilities:
-
Charting the Attack Surface of Trigger-Action IoT Platforms, CCS, 2019
-
Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms, USENIX Security, 2019
-
IoTRemedy: Non-Intrusive Rule Decomposition for User Privacy in Modern IoT Platforms, ITOEC, 2020
Firmware Vulnerabilities:
-
Dominance as a New Trusted Computing Primitive for the Internet of Things, IEEE S&P, 2019
-
FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation, USENIX Security, 2019
-
IOTREPAIR: Systematically Addressing Device Faults in Commodity IoT, Security arXiv, 2020
Botnet:
-
Measurement and Analysis of Hajime, a Peer-to-peer IoT Botnet, NDSS, 2019
-
Cleaning Up the Internet of Evil Things: Real-World Evidence on ISP and Consumer Efforts to Remove Mirai, NDSS, 2019
-
A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints, NDSS, 2020
-
Not Everything is Dark and Gloomy: Power Grid Protections Against IoT Demand Attacks, USENIX Security, 2019
Multi Users:
-
Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study, USENIX Security, 2019
-
Evaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus COPPA, USENIX Security, 2019
-
Multi-User Multi-Device-Aware Access Control System for Smart Home, Security arXiv, 2020
User Study:
-
Ask the Experts: What Should Be on an IoT Privacy and Security Label?, IEEE S&P, 2020
-
Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Products,IEEE S&P, 2020
-
How Risky Are Real Users' IFTTT Applets?, Soups, 2020
Others:
-
Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors, NDSS, 2020
-
Pinto: Enabling Video Privacy for Commodity IoT Cameras, CCS, 2018
-
Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT, USENIX Security, 2020
-
SAVIOR: Securing Autonomous Vehicles with Robust Physical Invariants, USENIX Security, 2020
-
T2Pair: Secure and Usable Pairing for Heterogeneous IoT Devices, CCS, 2020
-
Peeves: Physical Event Verification in Smart Homes, CCS, 2019