{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,9]],"date-time":"2026-07-09T15:39:16Z","timestamp":1783611556885,"version":"3.55.0"},"reference-count":56,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2022,4,11]],"date-time":"2022-04-11T00:00:00Z","timestamp":1649635200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Mastercard and the Engineering and Physical Sciences Research Council","award":["EP\/M508111\/1"],"award-info":[{"award-number":["EP\/M508111\/1"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Internet Things"],"published-print":{"date-parts":[[2022,8,31]]},"abstract":"<jats:p>In this article, we verify physical events using data from an ensemble of smart home sensors. This approach both protects against event sensor faults and sophisticated attackers.<\/jats:p>\n          <jats:p>To validate our system\u2019s performance, we set up a \u201csmart home\u201d in an office environment. We recognize 22 event types using 48 sensors over the course of two weeks. Using data from the physical sensors, we verify the event stream supplied by the event sensors to detect both masking and spoofing attacks.<\/jats:p>\n          <jats:p>We consider three threat models: a zero-effort attacker, an opportunistic attacker, and a sensor-compromise attacker who can arbitrarily modify live sensor data. For spoofed events, we achieve perfect classification for 9 out of 22 events and achieve a 0% false alarm rate at a detection rate exceeding 99.9% for 15 events. For 11 events the majority of masking attacks can be detected without causing any false alarms. We also show that even a strong opportunistic attacker is inherently limited to spoofing few select events and that doing so involves lengthy waiting periods. Finally, we demonstrate the vulnerability of a single-classifier system to compromised sensor data and introduce a more secure approach based on sensor fusion.<\/jats:p>","DOI":"10.1145\/3506859","type":"journal-article","created":{"date-parts":[[2022,4,11]],"date-time":"2022-04-11T09:57:23Z","timestamp":1649671043000},"page":"1-28","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":19,"title":["Haunted House: Physical Smart Home Event Verification in the Presence of Compromised Sensors"],"prefix":"10.1145","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2275-7026","authenticated-orcid":false,"given":"Simon","family":"Birnbach","sequence":"first","affiliation":[{"name":"University of Oxford, Oxford, United Kingdom"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Simon","family":"Eberz","sequence":"additional","affiliation":[{"name":"University of Oxford, Oxford, United Kingdom"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ivan","family":"Martinovic","sequence":"additional","affiliation":[{"name":"University of Oxford, Oxford, United Kingdom"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2022,4,11]]},"reference":[{"key":"e_1_3_2_2_2","doi-asserted-by":"publisher","DOI":"10.1145\/3395351.3399421"},{"key":"e_1_3_2_3_2","unstructured":"Noah Apthorpe Dillon Reisman Srikanth Sundaresan Arvind Narayanan and Nick Feamster. 2017. Spying on the smart home: Privacy attacks and defenses on encrypted IoT traffic. Retrieved from http:\/\/arxiv.org\/abs\/1708.05044."},{"key":"e_1_3_2_4_2","volume-title":"Awaken your Home","author":"Assistant Home","year":"2021","unstructured":"Home Assistant. 2021. Awaken your Home. Retrieved from https:\/\/www.home-assistant.io\/."},{"key":"e_1_3_2_5_2","doi-asserted-by":"publisher","DOI":"10.1145\/3266444.3266452"},{"key":"e_1_3_2_6_2","volume-title":"Proceedings of the 24th Annual Network and Distributed System Security Symposium (NDSS)","author":"Birnbach Simon","year":"2017","unstructured":"Simon Birnbach, Richard Baker, and Ivan Martinovic. 2017. Wi-Fly?: Detecting privacy invasion attacks by consumer drones. In Proceedings of the 24th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society. Retrieved from https:\/\/www.ndss-symposium.org\/ndss2017\/ndss-2017-programme\/wi-fly-detecting-privacy-invasion-attacks-consumer-drones\/."},{"key":"e_1_3_2_7_2","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security (CCS)","author":"Birnbach Simon","year":"2019","unstructured":"Simon Birnbach, Simon Eberz, and Ivan Martinovic. 2019. Peeves: Physical event verification in smart homes. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). ACM, New York, NY."},{"key":"e_1_3_2_8_2","first-page":"147","volume-title":"Proceedings of the USENIX Annual Technical Conference (USENIX ATC\u201918)","author":"Celik Z. Berkay","year":"2018","unstructured":"Z. Berkay Celik, Patrick McDaniel, and Gang Tan. 2018. Soteria: Automated IoT safety and security analysis. In Proceedings of the USENIX Annual Technical Conference (USENIX ATC\u201918). USENIX Association, 147\u2013158. Retrieved from https:\/\/www.usenix.org\/conference\/atc18\/presentation\/celik."},{"key":"e_1_3_2_9_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23326"},{"key":"e_1_3_2_10_2","volume-title":"Somebody\u2019s Watching! When Cameras Are More Than Just \u201cSmart.\u201d","author":"Cert Kaspersky Lab ICS","year":"2018","unstructured":"Kaspersky Lab ICS Cert. 2018. Somebody\u2019s Watching! When Cameras Are More Than Just \u201cSmart.\u201d Retrieved from https:\/\/ics-cert.kaspersky.com\/reports\/2018\/03\/12\/somebodys-watching-when-cameras-are-more-than-just-smart\/."},{"key":"e_1_3_2_11_2","doi-asserted-by":"publisher","DOI":"10.1145\/2398356.2398377"},{"key":"e_1_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243865"},{"key":"e_1_3_2_13_2","volume-title":"Proceedings of the 28th Annual Network and Distributed System Security Symposium (NDSS)","author":"Ding Wenbo","year":"2021","unstructured":"Wenbo Ding, Hongxin Hu, and Long Cheng. 2021. IOTSAFE: Enforcing safety and security policy with real IoT physical interaction discovery. In Proceedings of the 28th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society. Retrieved from https:\/\/www.ndss-symposium.org\/ndss-paper\/iotsafe-enforcing-safety-and-security-policy-with-real-iot-physical-interaction-discovery\/."},{"key":"e_1_3_2_14_2","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427660"},{"key":"e_1_3_2_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.44"},{"key":"e_1_3_2_16_2","first-page":"531","volume-title":"Proceedings of the 25th USENIX Security Symposium (USENIX Security\u201916)","author":"Fernandes Earlence","year":"2016","unstructured":"Earlence Fernandes, Justin Paupore, Amir Rahmati, Daniel Simionato, Mauro Conti, and Atul Prakash. 2016. FlowFence: Practical data protection for emerging IoT application frameworks. In Proceedings of the 25th USENIX Security Symposium (USENIX Security\u201916). USENIX Association, 531\u2013548. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/fernandes."},{"key":"e_1_3_2_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/1166253.1166269"},{"key":"e_1_3_2_18_2","first-page":"4223","volume-title":"Proceedings of the 30th USENIX Security Symposium (USENIX Security\u201921)","author":"Fu Chenglong","year":"2021","unstructured":"Chenglong Fu, Qiang Zeng, and Xiaojiang Du. 2021. HAWatcher: Semantics-aware anomaly detection for appified smart homes. In Proceedings of the 30th USENIX Security Symposium (USENIX Security\u201921). USENIX Association, 4223\u20134240. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/fu-chenglong."},{"key":"e_1_3_2_19_2","doi-asserted-by":"publisher","DOI":"10.1145\/3203245"},{"key":"e_1_3_2_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/SPW53761.2021.00038"},{"key":"e_1_3_2_21_2","doi-asserted-by":"publisher","DOI":"10.1145\/1864349.1864375"},{"key":"e_1_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00041"},{"key":"e_1_3_2_23_2","volume-title":"Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P)","author":"He Weijia","year":"2021","unstructured":"Weijia He, Valerie Zhao, Olivia Morkved, Sabeeka Siddiqui, Earlence Fernandes, Josiah Hester, and Blase Ur. 2021. SoK: Context sensing for access control in the adversarial home IoT. In Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P). IEEE."},{"key":"e_1_3_2_24_2","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897886"},{"key":"e_1_3_2_25_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2016.2614505"},{"key":"e_1_3_2_26_2","volume-title":"Apple HomeKit: Your Home at Your Command.","author":"Inc. Apple","year":"2021","unstructured":"Apple Inc.2021. Apple HomeKit: Your Home at Your Command. Retrieved from https:\/\/www.apple.com\/uk\/ios\/home\/."},{"key":"e_1_3_2_27_2","volume-title":"Samsung SmartThings","author":"Inc. SmartThings","year":"2020","unstructured":"SmartThings Inc.2020. Samsung SmartThings. Retrieved from https:\/\/www.smartthings.com\/."},{"key":"e_1_3_2_28_2","volume-title":"AN1138: Zigbee Mesh Network Performance","author":"Inc. Silicon Laboratories","year":"2012","unstructured":"Silicon Laboratories Inc.2012. AN1138: Zigbee Mesh Network Performance. Retrieved from https:\/\/www.silabs.com\/documents\/login\/application-notes\/an1138-zigbee-mesh-network-performance.pdf."},{"key":"e_1_3_2_29_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23051"},{"key":"e_1_3_2_30_2","doi-asserted-by":"publisher","DOI":"10.1145\/1620545.1620582"},{"key":"e_1_3_2_31_2","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2017.201"},{"key":"e_1_3_2_32_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.pmcj.2012.07.003"},{"key":"e_1_3_2_33_2","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3025773"},{"key":"e_1_3_2_34_2","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660334"},{"key":"e_1_3_2_35_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2017.283"},{"key":"e_1_3_2_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00051"},{"key":"e_1_3_2_37_2","doi-asserted-by":"publisher","DOI":"10.1145\/3281411.3281440"},{"key":"e_1_3_2_38_2","volume-title":"openHAB: Empowering the Smart Home","author":"e.V. openHAB Foundation","year":"2021","unstructured":"openHAB Foundation e.V.2021. openHAB: Empowering the Smart Home. Retrieved from https:\/\/www.openhab.org\/."},{"key":"e_1_3_2_39_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCNS.2016.2607420"},{"key":"e_1_3_2_40_2","doi-asserted-by":"publisher","DOI":"10.1145\/3064809"},{"key":"e_1_3_2_41_2","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2018.00012"},{"key":"e_1_3_2_42_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSP.2010.2091277"},{"key":"e_1_3_2_43_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.13"},{"key":"e_1_3_2_44_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.14"},{"key":"e_1_3_2_45_2","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0087357"},{"key":"e_1_3_2_46_2","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2011.271"},{"key":"e_1_3_2_47_2","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2018.2839604"},{"key":"e_1_3_2_48_2","doi-asserted-by":"publisher","DOI":"10.1145\/3055245.3055253"},{"key":"e_1_3_2_49_2","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359840"},{"key":"e_1_3_2_50_2","doi-asserted-by":"publisher","DOI":"10.1145\/2939918.2939925"},{"key":"e_1_3_2_51_2","first-page":"361","volume-title":"Proceedings of the 26th USENIX Security Symposium (USENIX Security\u201917)","author":"Tian Yuan","year":"2017","unstructured":"Yuan Tian, Nan Zhang, Yueh-Hsun Lin, XiaoFeng Wang, Blase Ur, Xianzheng Guo, and Patrick Tague. 2017. SmartAuth: User-centered authorization for the internet of things. In Proceedings of the 26th USENIX Security Symposium (USENIX Security\u201917). USENIX Association, 361\u2013378. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/tian."},{"key":"e_1_3_2_52_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4612-1904-0"},{"key":"e_1_3_2_53_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23282"},{"key":"e_1_3_2_54_2","doi-asserted-by":"publisher","DOI":"10.1109\/IECON.2018.8591773"},{"key":"e_1_3_2_55_2","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2020.3003621"},{"key":"e_1_3_2_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/3204439"},{"key":"e_1_3_2_57_2","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243820"}],"container-title":["ACM Transactions on Internet of Things"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3506859","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3506859","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:31:09Z","timestamp":1750188669000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3506859"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,4,11]]},"references-count":56,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2022,8,31]]}},"alternative-id":["10.1145\/3506859"],"URL":"https:\/\/doi.org\/10.1145\/3506859","relation":{},"ISSN":["2691-1914","2577-6207"],"issn-type":[{"value":"2691-1914","type":"print"},{"value":"2577-6207","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,4,11]]},"assertion":[{"value":"2021-01-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-12-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-04-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}