Understanding the security and Privacy of Smart home devices.

Lead Research Organisation: King's College London
Department Name: Informatics


The focus of my research is to understand the security and privacy issues in smart home devices such as intelligent personal assistants from social aspect. The objectives of my research are: Firstly understand the ecosystem of smart home devices, secondly identify the privacy and security vulnerabilities of the devices and finally propose and implement threat model for addressing any vulnerabilities identified.
To better understand the research area, I have studied the related scientific literature to highlight the issue but most importantly identify the research gap. Having done so, I was able to propose a user study to examine the research objectives and answer some elements of it. The aim of the user study is to understand the usability, security and privacy of intelligent personal assistants. This is done focusing on two popular smart home personal assistants: Amazon Echo and Google Home examining their functionalities/features, security and privacy vulnerabilities.
This research project will implement different research methods to answer the key objectives of the project. For the user study, grounded theory method is implemented conducting semi structured interviews with smart home personal assistant users. Grounded theory allows to generate theories in data that has been collected and analysed. It allows us to identify themes and categories between the data and create conclusions [1]. Finally to analyse the data, Nvivo tool will be used [2].
User study:
The user study consists of two stages: Screening for participants and semi structured interviews. The first stage will ensure that legitimate users are recruited to take part in the study. To do this, Prolific academic will be used as a recruitment tool [3] alongside SurveyPlanet for collecting responses [4]. The screening questions implement true or false statements to identify those that have answered correctly therefore qualified for an interview.
The second stage of the study is the semi structured interviews. The interview questions aim to understand the ecosystem of those devices, users' perceptions and mental models in terms of how data is shared, processed and stored by these devices and their manufactures. In addition the study seeks to identify the security and privacy risks and/or concerns associated in using these devices examining certain capabilities such as voice authentication, voice purchasing and more.
The findings of the study will identify whether the results have met the key objectives identified above, if so the second stage is to design and implement the next experiment for this project. The results of the user study and future experiments will enable me to meet the research objectives proposing the threat model and mitigation strategies for the security and privacy of smart home devices.


10 25 50

Studentship Projects

Project Reference Relationship Related To Start End Student Name
NE/W503137/1 03/03/2021 30/03/2022
1976237 Studentship NE/W503137/1 30/09/2017 31/12/2021 Noura Abdi