Research On Security Preserving Methods Of Smart Home Devices’ Application And Data

The explosive growth of smart home devices brings convenience to users,and also brings privacy security problem.The smart home apps can access a lot of sensitive information,but the user does not know the specific flow of these sensitive data in the app,and thus cannot analyze the privacy leakage;There is a many-to-many mapping relationship between apps and devices,and the devices are independent,which makes it more complicated and difficult to determine whether the insecure events in this scene are caused by malicious apps;An insecure third-party server will leak user privacy.Due to the lack of consideration of the correlation between data,the traditional localized differential privacy-preserving methods do not apply to the data in this scene.In response to the above problems,this paper correspondingly proposes methods for app security and data security.The main contents are as follows:1.For the problems that the privacy leakage of apps cannot be analyzed and the difficulty of identifying unsafe events,an app security preserving method based on static analysis and data provenance is proposed.Firstly,the taint sources and sinks in the smart home app are analyzed,and the static taint analysis method is implemented through the relevant functions of the groovy compiler to analyze the privacy leakage in the app.Secondly,the W3 C PROV-DM data provenance model is used to unify the semantic information of the devices and methods existing in the scene,and the above taint analysis method and static instrumentation technology are used to achieve data provenance.Finally,the proposed method is verified through experiments.In this paper,200 normal apps are selected for static taint analysis,and 12 malicious apps are used for provenance analysis.The experimental results show that about 63% of normal apps have privacy leaks,and the specific conditions of the taint sources and sinks are analyzed.Data provenance can accurately analyze the insecure events caused by 12 malicious apps and determine that they are caused by malicious apps.2.For the problem that the traditional localized differential privacy-preserving methods are not applicable to the data in this scene,an improved localized differential privacy-preserving method is proposed.Taking two-dimensional related data as object,first,the main attribute of the original two-dimensional data is converted into bit vectors using the Bloom filter.The middle part of the bit vector is not processed,and the rest is disturbed by the localized differential privacy-preserving method.Disturb the subordinate attributes directly using the localized differential privacy-preserving method.Then the third-party server groups the original data according to the bit vector that remains unchanged in the main attribute.Finally performs statistical analysis on the grouped data to complete its statistical goal.Two types of data sets are selected in the experiment,and Mean Squared Error(MSE)and Relative Error(RE)are selected as evaluation indicators.The experimental results show that this method has lower algorithm errors and higher data availability than the traditional localized differential privacy-preserving method under the same privacy budget.