Hide Your Hackable Smart Home from Remote Attacks: The Multipath Onion IoT Gateways

  • Lei Yang
  • Chris Seasholtz
  • Bo Luo
  • Fengjun LiEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11098)


The rapid expansion of IoT-enabled home automation is accompanied by substantial security and privacy risks. A large number of real-world security incidents exploiting various device vulnerabilities have been revealed. The Onion IoT gateways have been proposed to provide strong security protection for potentially vulnerable IoT devices by hiding them behind IoT gateways running the Tor hidden services, in which the gateways can only be accessed by authorized users with the .onion addresses of the gateways and correct credentials. However, the limited bandwidth of Tor makes this approach very impractical and unscalable. To tackle this issue, we present two novel designs of multipath Onion IoT gateway and split channel Onion IoT gateway. The first design implements a customized multipath routing protocol in Tor to construct a multi-circuit anonymous tunnel between the user and the Onion gateway to support applications that require low latency and high bandwidth. The second scheme splits command and data channels so that small-sized command packets are transmitted through the more secure channel over the Tor hidden service, while the less secure data channel over the public network is used for outbound very-high-bandwidth data traffic. Experiment results show that the proposed approaches significantly improve the performance of Onion IoT gateways, so that they can be practically adopted to securely transmit low-latency and high-bandwidth data, such as HD video streams from home surveillance cameras. We also prove the security guarantees of the proposed mechanism through security analysis.


IoT security Smart homes Tor hidden service 



This work is sponsored in part by the National Security Agency (NSA) Science of Security Initiative and the US National Science Foundation under NSF CNS-1422206 and DGE-1565570.


  1. 1.
    9 baby monitors wide open to hacks that expose users’ most private moments.
  2. 2.
  3. 3.
  4. 4.
  5. 5.
  6. 6.
  7. 7.
    Let’s Encrypt.
  8. 8.
  9. 9.
    Ransomware Ruins Holiday By Hijacking Family’s LG Smart TV on Christmas Day.
  10. 10.
  11. 11.
  12. 12.
    VStarCam Eye4.
  13. 13.
    Trendnet cameras - i always feel like somebody’s watching me (2012).
  14. 14.
    AlSabah, M., Bauer, K., Elahi, T., Goldberg, I.: The path less travelled: overcoming Tor’s bottlenecks with traffic splitting. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 143–163. Springer, Heidelberg (2013). Scholar
  15. 15.
    AlSabah, M., et al.: DefenestraTor: throwing out windows in Tor. In: Fischer-Hübner, S., Hopper, N. (eds.) PETS 2011. LNCS, vol. 6794, pp. 134–154. Springer, Heidelberg (2011). Scholar
  16. 16.
    Barré, S., Paasch, C., Bonaventure, O.: MultiPath TCP: from theory to practice. In: Domingo-Pascual, J., Manzoni, P., Palazzo, S., Pont, A., Scoglio, C. (eds.) NETWORKING 2011. LNCS, vol. 6640, pp. 444–457. Springer, Heidelberg (2011). Scholar
  17. 17.
    Burke, S.: Massive cyberattack turned ordinary devices into weapons (2016).
  18. 18.
    Coldewey, D.: Smart locks yield to simple hacker tricks (2016).
  19. 19.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium, August 2004Google Scholar
  20. 20.
    Fernandes, E., Jung, J., Prakash, A.: Security analysis of emerging smart home applications. In: Proceedings of the 37th IEEE Symposium on Security and Privacy (2016)Google Scholar
  21. 21.
  22. 22.
    Gartner Inc.: Gartner IoT forecast (2017).
  23. 23.
    Hossain, M.S., Muhammad, G.: Cloud-assisted industrial internet of things (IIoT)-enabled framework for health monitoring. Comput. Netw. 101, 192–202 (2016)CrossRefGoogle Scholar
  24. 24.
    Huang, Q., Wang, L., Yang, Y.: DECENT: secure and fine-grained data access control with policy updating for constrained IoT devices. World Wide Web 21(1), 151–167 (2018)CrossRefGoogle Scholar
  25. 25.
    Jia, Y.J., et al.: ContexIoT: towards providing contextual integrity to appified IoT platforms. In: Proceedings of The Network and Distributed System Security Symposium, vol. 2017 (2017)Google Scholar
  26. 26.
    Kim, J.E., Boulos, G., Yackovich, J., Barth, T., Beckel, C., Mosse, D.: Seamless integration of heterogeneous devices and access control in smart homes. In: 2012 8th International Conference on Intelligent Environments (IE), pp. 206–213. IEEE (2012)Google Scholar
  27. 27.
    Kothmayr, T., Schmitt, C., Hu, W., Brünig, M., Carle, G.: DTLS based security and two-way authentication for the internet of things. Ad Hoc Netw. 11(8), 2710–2723 (2013)CrossRefGoogle Scholar
  28. 28.
    Liao, Y.P., Hsiao, C.M.: A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw. 18, 133–146 (2014)CrossRefGoogle Scholar
  29. 29.
    Ling, Z., Luo, J., Xu, Y., Gao, C., Wu, K., Fu, X.: Security vulnerabilities of internet of things: a case study of the smart plug system. IEEE Internet Things J. 4(6), 1899–1909 (2017)CrossRefGoogle Scholar
  30. 30.
    Ning, H., Liu, H., Yang, L.T.: Aggregated-proof based hierarchical authentication scheme for the internet of things. IEEE Trans. Parallel Distrib. Syst. 26(3), 657–667 (2015)CrossRefGoogle Scholar
  31. 31.
    Notra, S., Siddiqi, M., Gharakheili, H.H., Sivaraman, V., Boreli, R.: An experimental study of security and privacy risks with emerging household appliances. In: 2014 IEEE Conference on Communications and Network Security (CNS), pp. 79–84. IEEE (2014)Google Scholar
  32. 32.
    Raza, S., Shafagh, H., Hewage, K., Hummen, R., Voigt, T.: Lithe: lightweight secure CoAP for the internet of things. IEEE Sens. J. 13(10), 3711–3720 (2013)CrossRefGoogle Scholar
  33. 33.
    Shelby, Z., Bormann, C.: 6LoWPAN: The Wireless Embedded Internet, vol. 43. Wiley, Hoboken (2011)Google Scholar
  34. 34.
    Shelby, Z., Hartke, K., Bormann, C.: The constrained application protocol (CoAP) (2014)Google Scholar
  35. 35.
    Sivaraman, V., Chan, D., Earl, D., Boreli, R.: Smart-phones attacking smart-homes. In: Proceedings of the 9th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 195–200. ACM (2016)Google Scholar
  36. 36.
    Sivaraman, V., Gharakheili, H.H., Vishwanath, A., Boreli, R., Mehani, O.: Network-level security and privacy control for smart-home IoT devices. In: 2015 IEEE 11th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 163–167. IEEE (2015)Google Scholar
  37. 37.
    Wang, T., Bauer, K., Forero, C., Goldberg, I.: Congestion-aware path selection for Tor. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 98–113. Springer, Heidelberg (2012). Scholar
  38. 38.
    Winter, T.: RPL: IPv6 routing protocol for low-power and lossy networks (2012)Google Scholar
  39. 39.
    Wu, D.J., Taly, A., Shankar, A., Boneh, D.: Privacy, discovery, and authentication for the internet of things. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9879, pp. 301–319. Springer, Cham (2016). Scholar
  40. 40.
    Yang, L., Humayed, A., Li, F.: A multi-cloud based privacy-preserving data publishing scheme for the internet of things. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 30–39. ACM (2016)Google Scholar
  41. 41.
    Yang, L., Li, F.: Enhancing traffic analysis resistance for tor hidden services with multipath routing. In: 2015 IEEE Conference on Communications and Network Security (CNS), pp. 745–746. IEEE (2015)Google Scholar
  42. 42.
    Yang, L., Li, F.: mTor: a multipath tor routing beyond bandwidth throttling. In: 2015 IEEE Conference on Communications and Network Security (CNS), pp. 479–487. IEEE (2015)Google Scholar
  43. 43.
    Yang, L., Xue, H., Li, F.: Privacy-preserving data sharing in smart grid systems. In: 2014 IEEE International Conference on Smart Grid Communications (SmartGridComm), pp. 878–883. IEEE (2014)Google Scholar
  44. 44.
    Yang, L., Zheng, Q., Fan, X.: RSPP: a reliable, searchable and privacy-preserving e-healthcare system for cloud-assisted body area networks. In: INFOCOM. IEEE (2017)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.Amazon LLC.SeattleUSA
  2. 2.The University of KansasLawrenceUSA

Personalised recommendations