{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T05:04:38Z","timestamp":1769749478858,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":26,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,8,9]],"date-time":"2021-08-09T00:00:00Z","timestamp":1628467200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"ONR","award":["N00014-20-1-2798"],"award-info":[{"award-number":["N00014-20-1-2798"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,8,9]]},"DOI":"10.1145\/3474718.3474729","type":"proceedings-article","created":{"date-parts":[[2021,9,7]],"date-time":"2021-09-07T16:42:08Z","timestamp":1631032928000},"page":"58-62","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["Through the Spyglass: Towards IoT Companion App Man-in-the-Middle Attacks"],"prefix":"10.1145","author":[{"given":"TJ","family":"OConnor","sequence":"first","affiliation":[{"name":"Florida Institute of Technology, United States of America"}]},{"given":"Dylan","family":"Jessee","sequence":"additional","affiliation":[{"name":"Florida Institute of Technology, United States of America"}]},{"given":"Daniel","family":"Campos","sequence":"additional","affiliation":[{"name":"Florida Institute of Technology, United States of America"}]}],"member":"320","published-online":{"date-parts":[[2021,9,7]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00013"},{"key":"e_1_3_2_1_2_1","first-page":"305","article-title":"Wireless portable personal cyber-protection device","volume":"10","author":"Benitez Carlos\u00a0Esteban","year":"2019","unstructured":"Carlos\u00a0Esteban Benitez . 2019 . Wireless portable personal cyber-protection device . US Patent 10 , 305 ,930. Carlos\u00a0Esteban Benitez. 2019. Wireless portable personal cyber-protection device. US Patent 10,305,930.","journal-title":"US Patent"},{"key":"e_1_3_2_1_3_1","unstructured":"Nicole Chavez. 2017. Murder charge dropped in Amazon Echo case. https:\/\/edition.cnn.com\/2017\/11\/30\/us\/amazon-echo-arkansas-murder-case-dismissed\/index.html  Nicole Chavez. 2017. Murder charge dropped in Amazon Echo case. https:\/\/edition.cnn.com\/2017\/11\/30\/us\/amazon-echo-arkansas-murder-case-dismissed\/index.html"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3205977.3205986"},{"key":"e_1_3_2_1_5_1","unstructured":"Aldo Cortesi Maximilian Hils Thomas Kriechbaumer and contributors. 2010. mitmproxy: A free and open source interactive HTTPS proxy. https:\/\/mitmproxy.org\/ [Version 6.0].  Aldo Cortesi Maximilian Hils Thomas Kriechbaumer and contributors. 2010. mitmproxy: A free and open source interactive HTTPS proxy. https:\/\/mitmproxy.org\/ [Version 6.0]."},{"key":"e_1_3_2_1_6_1","unstructured":"Alban Diquet Angela Chow Eric Castro Daryl Low Christopher Harrell and Plasma Chen. 2020. TrustKit. https:\/\/github.com\/datatheorem\/TrustKit  Alban Diquet Angela Chow Eric Castro Daryl Low Christopher Harrell and Plasma Chen. 2020. TrustKit. https:\/\/github.com\/datatheorem\/TrustKit"},{"key":"e_1_3_2_1_7_1","unstructured":"Erin Dooley. 2021. ADT Technician Pleads Guilty to Hacking Home Security Footage. https:\/\/www.justice.gov\/usao-ndtx\/pr\/adt-technician-pleads-guilty-hacking-home-security-footage  Erin Dooley. 2021. ADT Technician Pleads Guilty to Hacking Home Security Footage. https:\/\/www.justice.gov\/usao-ndtx\/pr\/adt-technician-pleads-guilty-hacking-home-security-footage"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"crossref","unstructured":"C. Evans C. Palmer and R. Sleevi. 2015. RFC 7469: Public Key Pinning Extension for HTTP. https:\/\/tools.ietf.org\/html\/rfc7469  C. Evans C. Palmer and R. Sleevi. 2015. RFC 7469: Public Key Pinning Extension for HTTP. https:\/\/tools.ietf.org\/html\/rfc7469","DOI":"10.17487\/RFC7469"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/CHASE.2017.54"},{"key":"e_1_3_2_1_10_1","volume-title":"Paradise: How Intimate Partner Abusers Exploit Technology. In Conference on Human Factors in Computing Systems (CHI). ACM","author":"Freed Diana","year":"2018","unstructured":"Diana Freed , Jackeline Palmer , Diana Minchala , Karen Levy , Thomas Ristenpart , and Nicola Dell . 2018 . A Stalker\u2019s Paradise: How Intimate Partner Abusers Exploit Technology. In Conference on Human Factors in Computing Systems (CHI). ACM , Montreal, Canada, 1\u201313. Diana Freed, Jackeline Palmer, Diana Minchala, Karen Levy, Thomas Ristenpart, and Nicola Dell. 2018. A Stalker\u2019s Paradise: How Intimate Partner Abusers Exploit Technology. In Conference on Human Factors in Computing Systems (CHI). ACM, Montreal, Canada, 1\u201313."},{"key":"e_1_3_2_1_11_1","volume-title":"Automated Detection of SSL\/TLS Man-in-the-Middle Vulnerabilities in Android Apps. In Network and Distributed System Security Symposium (NDSS). Internet Society","author":"Greenwood David","year":"2014","unstructured":"David Greenwood , Justin Sounthiraraj , Sahs Garret , Zhiqiang Khan , and Latifur Lin . 2014 . SMV-HUNTER: Large Scale , Automated Detection of SSL\/TLS Man-in-the-Middle Vulnerabilities in Android Apps. In Network and Distributed System Security Symposium (NDSS). Internet Society , San Diego, CA, 1\u201314. David Greenwood, Justin Sounthiraraj, Sahs Garret, Zhiqiang Khan, and Latifur Lin. 2014. SMV-HUNTER: Large Scale, Automated Detection of SSL\/TLS Man-in-the-Middle Vulnerabilities in Android Apps. In Network and Distributed System Security Symposium (NDSS). Internet Society, San Diego, CA, 1\u201314."},{"key":"e_1_3_2_1_12_1","unstructured":"Guardian Staff. 2019. Alexa did he do it? Smart device could be witness in suspicious Florida death. https:\/\/www.theguardian.com\/us-news\/2019\/nov\/01\/alexa-florida-death-witness-amazon-echo  Guardian Staff. 2019. Alexa did he do it? Smart device could be witness in suspicious Florida death. https:\/\/www.theguardian.com\/us-news\/2019\/nov\/01\/alexa-florida-death-witness-amazon-echo"},{"key":"e_1_3_2_1_13_1","volume-title":"Selective Forwarding Attack on IoT Home Security Kits. In European Symposium on Research in Computer Security","author":"Hariri Ali","year":"2019","unstructured":"Ali Hariri , Nicolas Giannelos , and Budi Arief . 2019 . Selective Forwarding Attack on IoT Home Security Kits. In European Symposium on Research in Computer Security . Springer, Luxembourg, September, 360\u2013373. Ali Hariri, Nicolas Giannelos, and Budi Arief. 2019. Selective Forwarding Attack on IoT Home Security Kits. In European Symposium on Research in Computer Security. Springer, Luxembourg, September, 360\u2013373."},{"key":"e_1_3_2_1_14_1","unstructured":"Christine Hauser. 2018. Police Use Fitbit Data to Charge 90-Year-Old Man in Stepdaughter\u2019s Killing. https:\/\/www.nytimes.com\/2018\/10\/03\/us\/fitbit-murder-arrest.html  Christine Hauser. 2018. Police Use Fitbit Data to Charge 90-Year-Old Man in Stepdaughter\u2019s Killing. https:\/\/www.nytimes.com\/2018\/10\/03\/us\/fitbit-murder-arrest.html"},{"key":"e_1_3_2_1_15_1","volume-title":"Never Ending Story: Authentication and Access Control Design Flaws in Shared IoT Devices. In Security and Privacy SmartThings Workshop. IEEE, IEEE","author":"Janes Blake","year":"2020","unstructured":"Blake Janes , Heather Crawford , and TJ O Connor . 2020 . Never Ending Story: Authentication and Access Control Design Flaws in Shared IoT Devices. In Security and Privacy SmartThings Workshop. IEEE, IEEE , San Francisco, CA, 104\u2013109. Blake Janes, Heather Crawford, and TJ OConnor. 2020. Never Ending Story: Authentication and Access Control Design Flaws in Shared IoT Devices. In Security and Privacy SmartThings Workshop. IEEE, IEEE, San Francisco, CA, 104\u2013109."},{"key":"e_1_3_2_1_16_1","volume-title":"Blackhat Europe","author":"Jeske Tobias","unstructured":"Tobias Jeske . 2013. Floating car data from smartphones: What google and waze know about you and how hackers can control traffic . In Blackhat Europe . Blackhat , Amsterdam, Netherlands , 1\u201312. Tobias Jeske. 2013. Floating car data from smartphones: What google and waze know about you and how hackers can control traffic. In Blackhat Europe. Blackhat, Amsterdam, Netherlands, 1\u201312."},{"key":"e_1_3_2_1_17_1","unstructured":"Jamiles Lartey. 2017. Man suspected in wife\u2019s murder after her Fitbit data doesn\u2019t match his alibi. https:\/\/www.theguardian.com\/technology\/2017\/apr\/25\/fitbit-data-murder-suspect-richard-dabate  Jamiles Lartey. 2017. Man suspected in wife\u2019s murder after her Fitbit data doesn\u2019t match his alibi. https:\/\/www.theguardian.com\/technology\/2017\/apr\/25\/fitbit-data-murder-suspect-richard-dabate"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3322276.3322366"},{"key":"e_1_3_2_1_19_1","unstructured":"Matt. 2020. AFNetworking. https:\/\/github.com\/AFNetworking\/AFNetworking  Matt. 2020. AFNetworking. https:\/\/github.com\/AFNetworking\/AFNetworking"},{"key":"e_1_3_2_1_20_1","unstructured":"Warren Mercer Paul Rascagneres and Andrew Williams. 2018. Advanced Mobile Malware Campaign in India uses Malicious MDM. https:\/\/blog.talosintelligence.com\/2018\/07\/Mobile-Malware-Campaign-uses-Malicious-MDM.html  Warren Mercer Paul Rascagneres and Andrew Williams. 2018. Advanced Mobile Malware Campaign in India uses Malicious MDM. https:\/\/blog.talosintelligence.com\/2018\/07\/Mobile-Malware-Campaign-uses-Malicious-MDM.html"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329842"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354198"},{"key":"e_1_3_2_1_23_1","volume-title":"Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things. In Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). ACM","author":"Connor TJ","year":"2019","unstructured":"TJ O Connor , William Enck , and Bradley. Reaves. 2019 . Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things. In Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). ACM , Miami,FL, 140\u2013150. TJ OConnor, William Enck, and Bradley. Reaves. 2019. Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things. In Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). ACM, Miami,FL, 140\u2013150."},{"key":"e_1_3_2_1_24_1","unstructured":"Jon Shier. 2021. Alamofire. https:\/\/github.com\/Alamofire\/Alamofire  Jon Shier. 2021. Alamofire. https:\/\/github.com\/Alamofire\/Alamofire"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3345662"},{"key":"e_1_3_2_1_26_1","unstructured":"Zack Whittaker. 2018. Judge orders Amazon to turn over Echo recordings in double murder case. https:\/\/techcrunch.com\/2018\/11\/14\/amazon-echo-recordings-judge-murder-case\/  Zack Whittaker. 2018. Judge orders Amazon to turn over Echo recordings in double murder case. https:\/\/techcrunch.com\/2018\/11\/14\/amazon-echo-recordings-judge-murder-case\/"}],"event":{"name":"CSET '21: Cyber Security Experimentation and Test Workshop","location":"Virtual CA USA","acronym":"CSET '21"},"container-title":["Cyber Security Experimentation and Test Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3474718.3474729","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3474718.3474729","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3474718.3474729","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:11:46Z","timestamp":1750191106000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3474718.3474729"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,8,9]]},"references-count":26,"alternative-id":["10.1145\/3474718.3474729","10.1145\/3474718"],"URL":"https:\/\/doi.org\/10.1145\/3474718.3474729","relation":{},"subject":[],"published":{"date-parts":[[2021,8,9]]},"assertion":[{"value":"2021-09-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}