TY - CHAP
T1 - Preventing and Detecting Malware in Smart Environments. The Smart Home Case
AU - Kulkarni, Shruti
AU - Mylonas, Alexios
AU - Vidalis, Stilianos
N1 - © 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2025/7/5
Y1 - 2025/7/5
N2 - The latest research from Strategy Analytics suggests that smart home devices will soar to 17 billion by 2030. However, as these devices become more popular, they introduce challenges to the security of their users. This is evidenced by the number of compromises for smart home devices reported in public vulnerability disclosure databases, such as vulnDB, ExploitDB, and AlienVault. These vulnerabilities are weaponised by malware to infect smart home devices and breach users’ security. Nonetheless, the current literature, as well as the security industry, provides only limited host-based solutions for smart home devices against malware. This contrasts with the protection that is available to users on other devices, namely personal computers, tablets, and smartphones, where malware protection is readily available, often out of the box. This lack of an anti-malware solution for smart home devices, coupled with the fact that their users are not necessarily security or technically savvy, exposes them to security risk. Furthermore, smart home devices generate data that could be used to deduce their user context and impair their privacy. As such, this paper surveys the available countermeasures that are proposed in the literature to detect and prevent malware in smart home devices. We find that most of the works focus on detecting malware, amongst other threats, by utilising traffic generated by these devices. We also discuss threat modelling and risk assessment, which have been used in the literature to prevent the manifestation of malware in smart homes.
KW - Detection
KW - Indicators of compromise
KW - Malware
KW - Risk assessment
KW - Smart home
KW - Threat modelling
UR - http://www.scopus.com/inward/record.url?scp=85211091621&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-66245-4_17
DO - 10.1007/978-3-031-66245-4_17
M3 - Chapter
SN - 978-3-031-66245-4
VL - 91
T3 - Advances in Information Security
SP - 395
EP - 410
BT - Malware: Handbook of Prevention and Detection
A2 - Gritzalis, Dimitris
A2 - Choo, Kim-Kwang Raymond
A2 - Patsakis, Constantinos
PB - Springer Nature Switzerland
ER -