{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,2]],"date-time":"2026-07-02T15:54:59Z","timestamp":1783007699778,"version":"3.54.5"},"publisher-location":"New York, NY, USA","reference-count":85,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,11,7]],"date-time":"2022-11-07T00:00:00Z","timestamp":1667779200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["2145675, 2124225, 1652954"],"award-info":[{"award-number":["2145675, 2124225, 1652954"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,11,7]]},"DOI":"10.1145\/3548606.3560590","type":"proceedings-article","created":{"date-parts":[[2022,11,7]],"date-time":"2022-11-07T11:41:28Z","timestamp":1667821288000},"page":"3285-3299","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT"],"prefix":"10.1145","author":[{"given":"Xin'an","family":"Zhou","sequence":"first","affiliation":[{"name":"University of California, Riverside, Riverside, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jiale","family":"Guan","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Bloomington, IN, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Luyi","family":"Xing","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Bloomington, IN, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Zhiyun","family":"Qian","sequence":"additional","affiliation":[{"name":"University of California, Riverside, Riverside, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2022,11,7]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2022. August Smart Lock. https:\/\/august.com\/products\/august-smart-lock-3rdgeneration.  2022. August Smart Lock. https:\/\/august.com\/products\/august-smart-lock-3rdgeneration."},{"key":"e_1_3_2_1_2_1","unstructured":"2022. Aura Bluetooth Smart Door Lock | Kwikset. https:\/\/www.kwikset.com\/aura.  2022. Aura Bluetooth Smart Door Lock | Kwikset. https:\/\/www.kwikset.com\/aura."},{"key":"e_1_3_2_1_3_1","unstructured":"2022. Chipolo ONE 4 Pack. https:\/\/chipolo.net\/en-us\/products\/chipolo-one-4- pack.  2022. Chipolo ONE 4 Pack. https:\/\/chipolo.net\/en-us\/products\/chipolo-one-4- pack."},{"key":"e_1_3_2_1_4_1","unstructured":"2022. Find Your Lost Phone Keys or Anything with Tile's Bluetooth Tracker | Tile. https:\/\/www.thetileapp.com\/en-us\/store\/tiles\/pro.  2022. Find Your Lost Phone Keys or Anything with Tile's Bluetooth Tracker | Tile. https:\/\/www.thetileapp.com\/en-us\/store\/tiles\/pro."},{"key":"e_1_3_2_1_5_1","unstructured":"2022. Geonfino Smart Lock. https:\/\/www.amazon.com\/dp\/B0957PSMBJ\/.  2022. Geonfino Smart Lock. https:\/\/www.amazon.com\/dp\/B0957PSMBJ\/."},{"key":"e_1_3_2_1_6_1","unstructured":"2022. Honeywell Bluetooth Enabled Deadbolt Door Lock With Keypad Satin Nickel | Honeywell Store. https:\/\/www.honeywellstore.com\/store\/products\/ honeywell-bluetooth-enabled-entry-deadbolt-nickel-8812309s.htm.  2022. Honeywell Bluetooth Enabled Deadbolt Door Lock With Keypad Satin Nickel | Honeywell Store. https:\/\/www.honeywellstore.com\/store\/products\/ honeywell-bluetooth-enabled-entry-deadbolt-nickel-8812309s.htm."},{"key":"e_1_3_2_1_7_1","unstructured":"2022. Kwikset Aura Product Documents. https:\/\/www.kwikset.com\/support\/ productdetail\/aura-bluetooth-enabled-smart-lock#documents  2022. Kwikset Aura Product Documents. https:\/\/www.kwikset.com\/support\/ productdetail\/aura-bluetooth-enabled-smart-lock#documents"},{"key":"e_1_3_2_1_8_1","unstructured":"2022. Level | Level Lock - The Smallest and Most Advanced Smart Lock Ever. https:\/\/level.co\/products\/lock.  2022. Level | Level Lock - The Smallest and Most Advanced Smart Lock Ever. https:\/\/level.co\/products\/lock."},{"key":"e_1_3_2_1_9_1","unstructured":"2022. Schlage Sense? Smart Deadbolt with Camelot trim. https:\/\/www.schlage. com\/en\/home\/products\/BE479CAMFFF.html.  2022. Schlage Sense? Smart Deadbolt with Camelot trim. https:\/\/www.schlage. com\/en\/home\/products\/BE479CAMFFF.html."},{"key":"e_1_3_2_1_10_1","unstructured":"2022. Ultraloq U-Bolt Pro Smart Lock | World's Most Versatile Smart Lock -- U-tec. https:\/\/store.u-tec.com\/products\/ultraloq-u-bolt-pro-bluetooth-enabledfingerprint-and-keypad-smart-lock.  2022. Ultraloq U-Bolt Pro Smart Lock | World's Most Versatile Smart Lock -- U-tec. https:\/\/store.u-tec.com\/products\/ultraloq-u-bolt-pro-bluetooth-enabledfingerprint-and-keypad-smart-lock."},{"key":"e_1_3_2_1_11_1","unstructured":"2022. Yale Assure Lock Touchscreen Standalone - Yale Home. https:\/\/shopyalehome.com\/collections\/keypad-locks\/products\/yale-assurelock-touchscreen-standalone?variant=39341912162436.  2022. Yale Assure Lock Touchscreen Standalone - Yale Home. https:\/\/shopyalehome.com\/collections\/keypad-locks\/products\/yale-assurelock-touchscreen-standalone?variant=39341912162436."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2018.03.026"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3381991.3395617"},{"key":"e_1_3_2_1_14_1","volume-title":"IRBAC 2000: Secure interoperability using dynamic role translation. In In Proceedings of the 1st International Conference on Internet Computing. 231--238","author":"Apu Kapadia","year":"2000","unstructured":"Apu Kapadia Jalal Al-muhtadi. 2000 . IRBAC 2000: Secure interoperability using dynamic role translation. In In Proceedings of the 1st International Conference on Internet Computing. 231--238 . Apu Kapadia Jalal Al-muhtadi. 2000. IRBAC 2000: Secure interoperability using dynamic role translation. In In Proceedings of the 1st International Conference on Internet Computing. 231--238."},{"key":"e_1_3_2_1_15_1","volume-title":"A mobile multi-technology gateway to enable IoT interoperability. In 2016 IEEE first international conference on internet-of-things design and implementation (IoTDI)","author":"Aloi Gianluca","unstructured":"Gianluca Aloi , Giuseppe Caliciuri , Giancarlo Fortino , Raffaele Gravina , Pasquale Pace , Wilma Russo , and Claudio Savaglio . 2016. A mobile multi-technology gateway to enable IoT interoperability. In 2016 IEEE first international conference on internet-of-things design and implementation (IoTDI) . IEEE , 259--264. Gianluca Aloi, Giuseppe Caliciuri, Giancarlo Fortino, Raffaele Gravina, Pasquale Pace, Wilma Russo, and Claudio Savaglio. 2016. A mobile multi-technology gateway to enable IoT interoperability. In 2016 IEEE first international conference on internet-of-things design and implementation (IoTDI). IEEE, 259--264."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2021.3127459"},{"key":"e_1_3_2_1_17_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Andersen Michael P","year":"2019","unstructured":"Michael P Andersen , Sam Kumar , Moustafa AbdelBaky , Gabe Fierro , John Kolb , Hyung-Sin Kim , David E Culler , and Raluca Ada Popa . 2019 . {WAVE}: A decentralized authorization framework with transitive delegation . In 28th USENIX Security Symposium (USENIX Security 19) . 1375--1392. Michael P Andersen, Sam Kumar, Moustafa AbdelBaky, Gabe Fierro, John Kolb, Hyung-Sin Kim, David E Culler, and Raluca Ada Popa. 2019. {WAVE}: A decentralized authorization framework with transitive delegation. In 28th USENIX Security Symposium (USENIX Security 19). 1375--1392."},{"key":"e_1_3_2_1_18_1","volume-title":"BIAS: Bluetooth Impersonation AttackS. In 2020 IEEE Symposium on Security and Privacy (SP). 549--562","author":"Antonioli Daniele","year":"2020","unstructured":"Daniele Antonioli , Nils Ole Tippenhauer , and Kasper Rasmussen . 2020 . BIAS: Bluetooth Impersonation AttackS. In 2020 IEEE Symposium on Security and Privacy (SP). 549--562 . https:\/\/doi.org\/10.1109\/SP40000.2020.00093 10.1109\/SP40000.2020.00093 Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen. 2020. BIAS: Bluetooth Impersonation AttackS. In 2020 IEEE Symposium on Security and Privacy (SP). 549--562. https:\/\/doi.org\/10.1109\/SP40000.2020.00093"},{"key":"e_1_3_2_1_19_1","volume-title":"28th USENIX Security Symposium (USENIX Security. USENIX Association","author":"Antonioli Daniele","unstructured":"Daniele Antonioli , Nils Ole Tippenhauer , and Kasper B. Rasmussen . 2019. The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR\/EDR . In 28th USENIX Security Symposium (USENIX Security. USENIX Association , Santa Clara, CA, 1047--1061. https:\/\/www.usenix.org\/ conference\/usenixsecurity19\/presentation\/antonioli Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen. 2019. The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR\/EDR. In 28th USENIX Security Symposium (USENIX Security. USENIX Association, Santa Clara, CA, 1047--1061. https:\/\/www.usenix.org\/ conference\/usenixsecurity19\/presentation\/antonioli"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"crossref","unstructured":"Z Berkay Celik Gang Tan and Patrick D McDaniel. 2019. IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT.. In NDSS.  Z Berkay Celik Gang Tan and Patrick D McDaniel. 2019. IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT.. In NDSS.","DOI":"10.14722\/ndss.2019.23326"},{"key":"e_1_3_2_1_21_1","volume-title":"Database and Expert Systems Applications, Vladim\u00edr Ma\u0159\u00edk, Werner Retschitzegger, and Olga t\u011bp\u00e1nkov\u00e1 (Eds.)","author":"Chatvichienchai Somchai","unstructured":"Somchai Chatvichienchai , Mizuho Iwaihara , and Yahiko Kambayashi . 2003. Secure Interoperability between Cooperating XML Systems by Dynamic Role Translation . In Database and Expert Systems Applications, Vladim\u00edr Ma\u0159\u00edk, Werner Retschitzegger, and Olga t\u011bp\u00e1nkov\u00e1 (Eds.) . Springer Berlin Heidelberg , Berlin, Heidelberg , 866--875. Somchai Chatvichienchai, Mizuho Iwaihara, and Yahiko Kambayashi. 2003. Secure Interoperability between Cooperating XML Systems by Dynamic Role Translation. In Database and Expert Systems Applications, Vladim\u00edr Ma\u0159\u00edk, Werner Retschitzegger, and Olga t\u011bp\u00e1nkov\u00e1 (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 866--875."},{"key":"e_1_3_2_1_22_1","volume-title":"Your IoTs Are (Not) Mine: On the Remote Binding Between IoT Devices and Users. In 2019 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). 222--233","author":"Chen Jiongyi","year":"2019","unstructured":"Jiongyi Chen , Chaoshun Zuo , Wenrui Diao , Shuaike Dong , Qingchuan Zhao , Menghan Sun , Zhiqiang Lin , Yinqian Zhang , and Kehuan Zhang . 2019 . Your IoTs Are (Not) Mine: On the Remote Binding Between IoT Devices and Users. In 2019 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). 222--233 . https:\/\/doi.org\/10.1109\/DSN.2019.00034 10.1109\/DSN.2019.00034 Jiongyi Chen, Chaoshun Zuo, Wenrui Diao, Shuaike Dong, Qingchuan Zhao, Menghan Sun, Zhiqiang Lin, Yinqian Zhang, and Kehuan Zhang. 2019. Your IoTs Are (Not) Mine: On the Remote Binding Between IoT Devices and Users. In 2019 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). 222--233. https:\/\/doi.org\/10.1109\/DSN.2019.00034"},{"key":"e_1_3_2_1_23_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Chen Yunang","year":"2022","unstructured":"Yunang Chen , Mohannad Alhanahnah , Andrei Sabelfeld , Rahul Chatterjee , and Earlence Fernandes . 2022 . Practical Data Access Minimization in {Trigger- Action} Platforms . In 31st USENIX Security Symposium (USENIX Security 22) . 2929--2945. Yunang Chen, Mohannad Alhanahnah, Andrei Sabelfeld, Rahul Chatterjee, and Earlence Fernandes. 2022. Practical Data Access Minimization in {Trigger- Action} Platforms. In 31st USENIX Security Symposium (USENIX Security 22). 2929--2945."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00108"},{"key":"e_1_3_2_1_25_1","volume-title":"Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference Attacks. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE, 285--302","author":"Chi Haotian","year":"2022","unstructured":"Haotian Chi , Chenglong Fu , Qiang Zeng , and Xiaojiang Du . 2022 . Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference Attacks. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE, 285--302 . Haotian Chi, Chenglong Fu, Qiang Zeng, and Xiaojiang Du. 2022. Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference Attacks. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE, 285--302."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1323293.1294281"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516693"},{"key":"e_1_3_2_1_28_1","volume-title":"Int. Conf. Computer, Communication and Control Technologies. Citeseer.","author":"Farkas Csilla","year":"2003","unstructured":"Csilla Farkas , Andrei Stoica , and Parag Talekar . 2003 . APTA: An automated policy translation architecture . In Int. Conf. Computer, Communication and Control Technologies. Citeseer. Csilla Farkas, Andrei Stoica, and Parag Talekar. 2003. APTA: An automated policy translation architecture. In Int. Conf. Computer, Communication and Control Technologies. Citeseer."},{"key":"e_1_3_2_1_29_1","volume-title":"Security Analysis of Emerging Smart Home Applications. In 2016 IEEE Symposium on Security and Privacy (SP). 636--654","author":"Fernandes Earlence","year":"2016","unstructured":"Earlence Fernandes , Jaeyeon Jung , and Atul Prakash . 2016 . Security Analysis of Emerging Smart Home Applications. In 2016 IEEE Symposium on Security and Privacy (SP). 636--654 . https:\/\/doi.org\/10.1109\/SP.2016.44 10.1109\/SP.2016.44 Earlence Fernandes, Jaeyeon Jung, and Atul Prakash. 2016. Security Analysis of Emerging Smart Home Applications. In 2016 IEEE Symposium on Security and Privacy (SP). 636--654. https:\/\/doi.org\/10.1109\/SP.2016.44"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23119"},{"key":"e_1_3_2_1_31_1","unstructured":"Colin J Fidge. 1987. Timestamps in message-passing systems that preserve the partial ordering. (1987).  Colin J Fidge. 1987. Timestamps in message-passing systems that preserve the partial ordering. (1987)."},{"key":"e_1_3_2_1_32_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Fu Chenglong","year":"2021","unstructured":"Chenglong Fu , Qiang Zeng , and Xiaojiang Du . 2021 . {HAWatcher}:{Semantics- Aware} Anomaly Detection for Appified Smart Homes . In 30th USENIX Security Symposium (USENIX Security 21) . 4223--4240. Chenglong Fu, Qiang Zeng, and Xiaojiang Du. 2021. {HAWatcher}:{Semantics- Aware} Anomaly Detection for Appified Smart Homes. In 30th USENIX Security Symposium (USENIX Security 21). 4223--4240."},{"key":"e_1_3_2_1_33_1","volume-title":"Security Analysis of the August Smart Lock. en. In:()","author":"Fuller Megan","year":"2019","unstructured":"Megan Fuller , Madeline Jenkins , and Katrine Tj\u00f8lsen . 2019. Security Analysis of the August Smart Lock. en. In:() ( 2019 ), 17. Megan Fuller, Madeline Jenkins, and Katrine Tj\u00f8lsen. 2019. Security Analysis of the August Smart Lock. en. In:() (2019), 17."},{"key":"e_1_3_2_1_34_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"He Weijia","year":"2018","unstructured":"Weijia He , Maximilian Golla , Roshni Padhi , Jordan Ofek , Markus D\u00fcrmuth , Earlence Fernandes , and Blase Ur . 2018 . Rethinking Access Control and Authentication for the Home Internet of Things ({ { { { {IoT} } } } }) . In 27th USENIX Security Symposium (USENIX Security 18) . 255--272. Weijia He, Maximilian Golla, Roshni Padhi, Jordan Ofek, Markus D\u00fcrmuth, Earlence Fernandes, and Blase Ur. 2018. Rethinking Access Control and Authentication for the Home Internet of Things ({ { { { {IoT} } } } }). In 27th USENIX Security Symposium (USENIX Security 18). 255--272."},{"key":"e_1_3_2_1_35_1","volume-title":"RapidPatch: Firmware Hotpatching for Real-Time Embedded Devices. In 31th USENIX Security Symposium (USENIX Security 22)","author":"He Yi","year":"2022","unstructured":"Yi He , Zhenhua Zou , Kun Sun , Zhuotao Liu , Ke Xu , Qian Wang , Chao Shen , Zhi Wang , and Qi Li . 2022 . RapidPatch: Firmware Hotpatching for Real-Time Embedded Devices. In 31th USENIX Security Symposium (USENIX Security 22) . Yi He, Zhenhua Zou, Kun Sun, Zhuotao Liu, Ke Xu, Qian Wang, Chao Shen, Zhi Wang, and Qi Li. 2022. RapidPatch: Firmware Hotpatching for Real-Time Embedded Devices. In 31th USENIX Security Symposium (USENIX Security 22)."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897886"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW50608.2020.00033"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00051"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484592"},{"key":"e_1_3_2_1_40_1","volume-title":"NDSS","volume":"2","author":"Jia Yunhan Jack","year":"2017","unstructured":"Yunhan Jack Jia , Qi Alfred Chen , Shiqi Wang , Amir Rahmati , Earlence Fernandes , Zhuoqing Morley Mao , Atul Prakash , and SJ Unviersity . 2017 . ContexloT: Towards Providing Contextual Integrity to Appified IoT Platforms .. In NDSS , Vol. 2 . San Diego, 2--2. Yunhan Jack Jia, Qi Alfred Chen, Shiqi Wang, Amir Rahmati, Earlence Fernandes, Zhuoqing Morley Mao, Atul Prakash, and SJ Unviersity. 2017. ContexloT: Towards Providing Contextual Integrity to Appified IoT Platforms.. In NDSS, Vol. 2. San Diego, 2--2."},{"key":"e_1_3_2_1_41_1","unstructured":"Jmaxxz. 2016. Backdooring the Front Door. https:\/\/media.defcon.org\/DEF% 20CON%2024\/DEF%20CON%2024%20presentations\/DEF%20CON%2024%20-%20Jmaxxz-Backdooring-the-Frontdoor-UPDATED.pdf.  Jmaxxz. 2016. Backdooring the Front Door. https:\/\/media.defcon.org\/DEF% 20CON%2024\/DEF%20CON%2024%20presentations\/DEF%20CON%2024%20-%20Jmaxxz-Backdooring-the-Frontdoor-UPDATED.pdf."},{"key":"e_1_3_2_1_42_1","first-page":"993","article-title":"Intelligent door lock system in communication with mobile device that stores associated user data","volume":"10","author":"Johnson Jason","year":"2021","unstructured":"Jason Johnson , Rolf Rando , Siddharth Gidwani , and Christopher Dow . 2021 . Intelligent door lock system in communication with mobile device that stores associated user data . US Patent 10 , 993 ,111. Jason Johnson, Rolf Rando, Siddharth Gidwani, and Christopher Dow. 2021. Intelligent door lock system in communication with mobile device that stores associated user data. US Patent 10,993,111.","journal-title":"US Patent"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.5555\/1248721.1248736"},{"key":"e_1_3_2_1_44_1","volume-title":"JEDI: Many-to-Many End-to-End Encryption and Key Delegation for IoT. In 28th USENIX Security Symposium (USENIX Security 19)","author":"Kumar Sam","unstructured":"Sam Kumar , Yuncong Hu , Michael P Andersen , Raluca Ada Popa , and David E. Culler . 2019 . JEDI: Many-to-Many End-to-End Encryption and Key Delegation for IoT. In 28th USENIX Security Symposium (USENIX Security 19) . USENIX Association, Santa Clara, CA, 1519--1536. https:\/\/www.usenix.org\/conference\/ usenixsecurity19\/presentation\/kumar-sam Sam Kumar, Yuncong Hu, Michael P Andersen, Raluca Ada Popa, and David E. Culler. 2019. JEDI: Many-to-Many End-to-End Encryption and Key Delegation for IoT. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 1519--1536. https:\/\/www.usenix.org\/conference\/ usenixsecurity19\/presentation\/kumar-sam"},{"key":"e_1_3_2_1_45_1","volume-title":"European Symposium on Research in Computer Security. Springer, 261--271","author":"Dieter Gollmann Lam","year":"1992","unstructured":"Kwok-yan Lam and Dieter Gollmann . 1992 . Freshness assurance of authentication protocols . In European Symposium on Research in Computer Security. Springer, 261--271 . Kwok-yan Lam and Dieter Gollmann. 1992. Freshness assurance of authentication protocols. In European Symposium on Research in Computer Security. Springer, 261--271."},{"key":"e_1_3_2_1_46_1","unstructured":"Edward A. Lee Soroush Bateni Shaokai Lin Marten Lohstroh and Christian Menard. 2021. Quantifying and Generalizing the CAP Theorem. arXiv:2109.07771 [cs.DC]  Edward A. Lee Soroush Bateni Shaokai Lin Marten Lohstroh and Christian Menard. 2021. Quantifying and Generalizing the CAP Theorem. arXiv:2109.07771 [cs.DC]"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043621.2043625"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417286"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/10590.10593"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102000"},{"key":"e_1_3_2_1_51_1","volume-title":"Westworld: Fuzzing-Assisted Remote Dynamic Symbolic Execution of Smart Apps on IoT Cloud Platforms. In Annual Computer Security Applications Conference. 982--995","author":"Luo Lannan","year":"2021","unstructured":"Lannan Luo , Qiang Zeng , Bokai Yang , Fei Zuo , and Junzhe Wang . 2021 . Westworld: Fuzzing-Assisted Remote Dynamic Symbolic Execution of Smart Apps on IoT Cloud Platforms. In Annual Computer Security Applications Conference. 982--995 . Lannan Luo, Qiang Zeng, Bokai Yang, Fei Zuo, and Junzhe Wang. 2021. Westworld: Fuzzing-Assisted Remote Dynamic Symbolic Execution of Smart Apps on IoT Cloud Platforms. In Annual Computer Security Applications Conference. 982--995."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2020-0035"},{"key":"e_1_3_2_1_53_1","unstructured":"Friedemann Mattern et al. 1988. Virtual time and global states of distributed systems. Univ. Department of Computer Science.  Friedemann Mattern et al. 1988. Virtual time and global states of distributed systems. Univ. Department of Computer Science."},{"key":"e_1_3_2_1_54_1","volume-title":"Xiao Feng Wang, and Carl A Gunter","author":"Naveed Muhammad","year":"2014","unstructured":"Muhammad Naveed , Xiao-yong Zhou, Soteris Demetriou , Xiao Feng Wang, and Carl A Gunter . 2014 . Inside Job : Understanding and Mitigating the Threat of External Device Mis-Binding on Android.. In NDSS. Muhammad Naveed, Xiao-yong Zhou, Soteris Demetriou, Xiao Feng Wang, and Carl A Gunter. 2014. Inside Job: Understanding and Mitigating the Threat of External Device Mis-Binding on Android.. In NDSS."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/359657.359659"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/3281411.3281440"},{"key":"e_1_3_2_1_57_1","volume-title":"HERA: Hotpatching of Embedded Real-time Applications.. In NDSS.","author":"Niesler Christian","year":"2021","unstructured":"Christian Niesler , Sebastian Surminski , and Lucas Davi . 2021 . HERA: Hotpatching of Embedded Real-time Applications.. In NDSS. Christian Niesler, Sebastian Surminski, and Lucas Davi. 2021. HERA: Hotpatching of Embedded Real-time Applications.. In NDSS."},{"key":"e_1_3_2_1_58_1","volume-title":"Through the Spyglass: Towards IoT Companion App Man-in-the-Middle Attacks. In Cyber Security Experimentation and Test Workshop. 58--62","author":"Connor TJ","year":"2021","unstructured":"TJ O Connor , Dylan Jessee , and Daniel Campos . 2021 . Through the Spyglass: Towards IoT Companion App Man-in-the-Middle Attacks. In Cyber Security Experimentation and Test Workshop. 58--62 . TJ OConnor, Dylan Jessee, and Daniel Campos. 2021. Through the Spyglass: Towards IoT Companion App Man-in-the-Middle Attacks. In Cyber Security Experimentation and Test Workshop. 58--62."},{"key":"e_1_3_2_1_59_1","volume-title":"Cool Spots: Reducing the Power Consumption of Wireless Mobile Devices with Multiple Radio Interfaces (MobiSys '06)","author":"Pering Trevor","year":"2006","unstructured":"Trevor Pering , Yuvraj Agarwal , Rajesh Gupta , and Roy Want . 2006 . Cool Spots: Reducing the Power Consumption of Wireless Mobile Devices with Multiple Radio Interfaces (MobiSys '06) . Trevor Pering, Yuvraj Agarwal, Rajesh Gupta, and Roy Want. 2006. Cool Spots: Reducing the Power Consumption of Wireless Mobile Devices with Multiple Radio Interfaces (MobiSys '06)."},{"key":"e_1_3_2_1_60_1","volume-title":"Victor Wen, and David E Culler.","author":"Perrig Adrian","year":"2002","unstructured":"Adrian Perrig , Robert Szewczyk , Justin Douglas Tygar , Victor Wen, and David E Culler. 2002 . SPINS : Security protocols for sensor networks. Wireless networks 8, 5 (2002), 521--534. Adrian Perrig, Robert Szewczyk, Justin Douglas Tygar, Victor Wen, and David E Culler. 2002. SPINS: Security protocols for sensor networks. Wireless networks 8, 5 (2002), 521--534."},{"key":"e_1_3_2_1_61_1","volume-title":"Tyche: A risk-based permission model for smart homes. In 2018 IEEE Cybersecurity Development (SecDev)","author":"Rahmati Amir","year":"2018","unstructured":"Amir Rahmati , Earlence Fernandes , Kevin Eykholt , and Atul Prakash . 2018 . Tyche: A risk-based permission model for smart homes. In 2018 IEEE Cybersecurity Development (SecDev) . IEEE , 29--36. Amir Rahmati, Earlence Fernandes, Kevin Eykholt, and Atul Prakash. 2018. Tyche: A risk-based permission model for smart homes. In 2018 IEEE Cybersecurity Development (SecDev). IEEE, 29--36."},{"key":"e_1_3_2_1_62_1","volume-title":"Frida-A world-class dynamic instrumentation framework. URL: https:\/\/frida. re","author":"Vadla Ravn\u00e5s Ole Andr\u00e9","year":"2016","unstructured":"Ole Andr\u00e9 Vadla Ravn\u00e5s . 2016. Frida-A world-class dynamic instrumentation framework. URL: https:\/\/frida. re ( 2016 ). Ole Andr\u00e9 Vadla Ravn\u00e5s. 2016. Frida-A world-class dynamic instrumentation framework. URL: https:\/\/frida. re (2016)."},{"key":"e_1_3_2_1_63_1","volume-title":"Bluetooth: With Low Energy Comes Low Security. In 7th USENIX Workshop on Offensive Technologies (WOOT 13)","author":"Ryan Mike","year":"2013","unstructured":"Mike Ryan . 2013 . Bluetooth: With Low Energy Comes Low Security. In 7th USENIX Workshop on Offensive Technologies (WOOT 13) . USENIX Association, Washington, D.C. https:\/\/www.usenix.org\/conference\/woot13\/workshopprogram\/ presentation\/ryan Mike Ryan. 2013. Bluetooth: With Low Energy Comes Low Security. In 7th USENIX Workshop on Offensive Technologies (WOOT 13). USENIX Association, Washington, D.C. https:\/\/www.usenix.org\/conference\/woot13\/workshopprogram\/ presentation\/ryan"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.485845"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243817"},{"key":"e_1_3_2_1_66_1","volume-title":"Bluetooth core specification version 5.0. Specification of the Bluetooth System","author":"B SIG.","year":"2016","unstructured":"B SIG. 2016. Bluetooth core specification version 5.0. Specification of the Bluetooth System ( 2016 ). B SIG. 2016. Bluetooth core specification version 5.0. Specification of the Bluetooth System (2016)."},{"key":"e_1_3_2_1_67_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Sivakumaran Pallavi","year":"2019","unstructured":"Pallavi Sivakumaran and Jorge Blasco . 2019 . A Study of the Feasibility of Co-located App Attacks against BLE and a Large-Scale Analysis of the Current Application-Layer Security Landscape . In 28th USENIX Security Symposium (USENIX Security 19) . USENIX Association, Santa Clara, CA, 1--18. https: \/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/sivakumaran Pallavi Sivakumaran and Jorge Blasco. 2019. A Study of the Feasibility of Co-located App Attacks against BLE and a Large-Scale Analysis of the Current Application-Layer Security Landscape. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 1--18. https: \/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/sivakumaran"},{"key":"e_1_3_2_1_68_1","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Tian Yuan","year":"2017","unstructured":"Yuan Tian , Nan Zhang , Yueh-Hsun Lin , Xiao Feng Wang , Blase Ur , Xianzheng Guo , and Patrick Tague . 2017 . {SmartAuth}:{User-Centered} Authorization for the Internet of Things . In 26th USENIX Security Symposium (USENIX Security 17) . 361--378. Yuan Tian, Nan Zhang, Yueh-Hsun Lin, Xiao Feng Wang, Blase Ur, Xianzheng Guo, and Patrick Tague. 2017. {SmartAuth}:{User-Centered} Authorization for the Internet of Things. In 26th USENIX Security Symposium (USENIX Security 17). 361--378."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/1435417.1435432"},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3345662"},{"key":"e_1_3_2_1_71_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Wang Xueqiang","year":"2019","unstructured":"Xueqiang Wang , Yuqiong Sun , Susanta Nanda , and XiaoFeng Wang . 2019 . Looking from the Mirror: Evaluating {IoT} Device Security through Mobile Companion Apps . In 28th USENIX Security Symposium (USENIX Security 19) . 1151--1167. Xueqiang Wang, Yuqiong Sun, Susanta Nanda, and XiaoFeng Wang. 2019. Looking from the Mirror: Evaluating {IoT} Device Security through Mobile Companion Apps. In 28th USENIX Security Symposium (USENIX Security 19). 1151--1167."},{"key":"e_1_3_2_1_72_1","volume-title":"Proceedings of the 2022 ACMSIGSAC Conference on Computer and Communications Security.","author":"Xing Luyi","year":"2022","unstructured":"Luyi Xing , Ze Jin , Yiwei Fang , Yan Jia , Bin Yuan , and Qixu Liu . 2022 . Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies . In Proceedings of the 2022 ACMSIGSAC Conference on Computer and Communications Security. Luyi Xing, Ze Jin, Yiwei Fang, Yan Jia, Bin Yuan, and Qixu Liu. 2022. Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies. In Proceedings of the 2022 ACMSIGSAC Conference on Computer and Communications Security."},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00084"},{"key":"e_1_3_2_1_74_1","volume-title":"9th USENIX Workshop on Offensive Technologies (WOOT 15)","author":"Xu Wen","year":"2015","unstructured":"Wen Xu and Yubin Fu . 2015 . Own Your Android! Yet Another Universal Root . In 9th USENIX Workshop on Offensive Technologies (WOOT 15) . USENIX Association, Washington, D.C. https:\/\/www.usenix.org\/conference\/woot15\/workshopprogram\/ presentation\/xu Wen Xu and Yubin Fu. 2015. Own Your Android! Yet Another Universal Root. In 9th USENIX Workshop on Offensive Technologies (WOOT 15). USENIX Association, Washington, D.C. https:\/\/www.usenix.org\/conference\/woot15\/workshopprogram\/ presentation\/xu"},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOMW.2017.8116427"},{"key":"e_1_3_2_1_76_1","volume-title":"Shattered Chain of Trust: Understanding Security Risks in Cross-Cloud IoT Access Delegation. In 29th USENIX Security Symposium (USENIX Security. USENIX Association, 1183--1200","author":"Yuan Bin","year":"2020","unstructured":"Bin Yuan , Yan Jia , Luyi Xing , Dongfang Zhao , XiaoFeng Wang , and Yuqing Zhang . 2020 . Shattered Chain of Trust: Understanding Security Risks in Cross-Cloud IoT Access Delegation. In 29th USENIX Security Symposium (USENIX Security. USENIX Association, 1183--1200 . https:\/\/www.usenix.org\/conference\/ usenixsecurity20\/presentation\/yuan Bin Yuan, Yan Jia, Luyi Xing, Dongfang Zhao, XiaoFeng Wang, and Yuqing Zhang. 2020. Shattered Chain of Trust: Understanding Security Risks in Cross-Cloud IoT Access Delegation. In 29th USENIX Security Symposium (USENIX Security. USENIX Association, 1183--1200. https:\/\/www.usenix.org\/conference\/ usenixsecurity20\/presentation\/yuan"},{"key":"e_1_3_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1145\/3508396.3512881"},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1145\/2699343.2699344"},{"key":"e_1_3_2_1_79_1","volume-title":"Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study. In 28th USENIX Security Symposium (USENIX Security 19)","author":"Zeng Eric","year":"2019","unstructured":"Eric Zeng and Franziska Roesner . 2019 . Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study. In 28th USENIX Security Symposium (USENIX Security 19) . USENIX Association, Santa Clara, CA, 159--176. https:\/\/www.usenix.org\/conference\/ usenixsecurity19\/presentation\/zeng Eric Zeng and Franziska Roesner. 2019. Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 159--176. https:\/\/www.usenix.org\/conference\/ usenixsecurity19\/presentation\/zeng"},{"key":"e_1_3_2_1_80_1","first-page":"1132","article-title":"Declaration and Translation of Spatial Access Control Policy","volume":"8","author":"Zhang Aijuan","year":"2013","unstructured":"Aijuan Zhang , Jingxiang Gao , Jiuyun Sun , and Cheng Ji . 2013 . Declaration and Translation of Spatial Access Control Policy . J. Softw. 8 , 5 (2013), 1132 -- 1139 . Aijuan Zhang, Jingxiang Gao, Jiuyun Sun, and Cheng Ji. 2013. Declaration and Translation of Spatial Access Control Policy. J. Softw. 8, 5 (2013), 1132--1139.","journal-title":"J. Softw."},{"key":"e_1_3_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1145\/1878961.1878982"},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243820"},{"key":"e_1_3_2_1_83_1","volume-title":"Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Zhang Yue","year":"2020","unstructured":"Yue Zhang , Jian Weng , Rajib Dey , Yier Jin , Zhiqiang Lin , and Xinwen Fu . 2020 . Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks. In 29th USENIX Security Symposium (USENIX Security 20) . USENIX Association, 37--54. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/zhangyue Yue Zhang, Jian Weng, Rajib Dey, Yier Jin, Zhiqiang Lin, and Xinwen Fu. 2020. Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 37--54. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/zhangyue"},{"key":"e_1_3_2_1_84_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Zhang Zheng","unstructured":"Zheng Zhang , Hang Zhang , Zhiyun Qian , and Billy Lau . 2021. An Investigation of the Android Kernel Patch Ecosystem . In 30th USENIX Security Symposium (USENIX Security 21) . USENIX Association , 3649--3666. https:\/\/www.usenix.org\/ conference\/usenixsecurity21\/presentation\/zhang-zheng Zheng Zhang, Hang Zhang, Zhiyun Qian, and Billy Lau. 2021. An Investigation of the Android Kernel Patch Ecosystem. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 3649--3666. https:\/\/www.usenix.org\/ conference\/usenixsecurity21\/presentation\/zhang-zheng"},{"key":"e_1_3_2_1_85_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Zhou Wei","year":"2019","unstructured":"Wei Zhou , Yan Jia , Yao Yao , Lipeng Zhu , Le Guan , Yuhang Mao , Peng Liu , and Yuqing Zhang . 2019 . Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms . In 28th USENIX Security Symposium (USENIX Security 19) . USENIX Association, Santa Clara, CA, 1133--1150. https:\/\/www.usenix.org\/conference\/ usenixsecurity19\/presentation\/zhou Wei Zhou, Yan Jia, Yao Yao, Lipeng Zhu, Le Guan, Yuhang Mao, Peng Liu, and Yuqing Zhang. 2019. Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 1133--1150. https:\/\/www.usenix.org\/conference\/ usenixsecurity19\/presentation\/zhou"}],"event":{"name":"CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security","location":"Los Angeles CA USA","acronym":"CCS '22","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3548606.3560590","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3548606.3560590","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3548606.3560590","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:50:57Z","timestamp":1750182657000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3548606.3560590"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,11,7]]},"references-count":85,"alternative-id":["10.1145\/3548606.3560590","10.1145\/3548606"],"URL":"https:\/\/doi.org\/10.1145\/3548606.3560590","relation":{},"subject":[],"published":{"date-parts":[[2022,11,7]]},"assertion":[{"value":"2022-11-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}