Software written by researchers from Cardiff can detect and classify cyber attacks on smart home devices including speakers, security cameras and thermostats.
The tool — which could be implemented like antivirus software — studies normal behaviour on a home network and uses this as a baseline to detect malicious activity.
In tests, it could identify attacks to such devices as an Amazon Echo Dot and an Apple TV set-top box with around 90 per cent accuracy.
According to the team, such digital ‘intrusion detection systems’ are vital to keep up with evolving smart devices and the ‘tremendous security flaws’ they introduce.
At present, smart devices are often the weakest link in otherwise secure networks — making them an ‘attractive target’ for attackers.
In Western Europe, the average household has 5.4 smart home items, with another 20.4 billion such devices expected to be sold this year alone.
The new tech comes in the wake of the announcement of a UK law that will force smart device makers to be clear about how long they will provide security updates.
The new security system has been developed by computer scientists Eirini Anthi, Pete Burnap and colleagues from Cardiff University.
‘The insufficient security measures and lack of dedicated detection systems for networks of smart devices make them vulnerable to a range of attacks, such as data leakage, spoofing, disruption of service and energy bleeding,’ said Ms Anthi.
‘These can lead to disastrous effects, causing damage to hardware, disrupting the system availability, causing system blackouts and even physically harming individuals.’
‘A relatively simple and seemingly harmless deauthentication attack can cause no significant damage, but if performed on a device with critical significance, such as a steering wheel in a wireless car, it can pose a threat to human life.’
To test their system, the researchers set up a mock household environment containing eight different smart devices — including an Amazon Echo Dot, an Apple TV, a Belkin NetCam, a Lifx Lamp and a Samsung Smart Things hub.
The final three devices were a TP-Link NC200 Camera; TP-Link Smart Plug and a British Gas Hive that was connected to a motion sensor and a window/door sensor.
Against this simulated network, the team unleashed several common forms of cyber attack — including ‘Man-In-The-Middle’, which compromises communications to and from the device and Denial of Service attacks that stop them from working.
The team’s system uses a three-tiered approach to detect digital intrusions.
Firstly, it determines the nature and normal behaviour of each smart device on the network — and then uses this to help identify subsequent anomalies that might signify malicious activity and classify the manner of the attack.
The researchers found that their system was able to complete these tasks with 96.2, 90 and 98 per cent accuracy, respectively.
‘What we’ve demonstrated is a system that can successfully distinguish between devices on the network, whether network activity is malicious or benign, and detect which attack was deployed on which device,’ said Ms Anthi.
‘This is another step forward in the early stage detection of disruptive cyber-attacks,’ said Professor Burnap.
‘The overarching goal of our cyber research programme is to pave the way for proactive and cost saving cyber defences, maximising the potential for AI in cybersecurity in line with the objectives of the UK’s industrial strategy.’
The full findings of the study were published in the IEEE Internet of Things Journal.