부산대학교 도서관

Smart homes (SHs) are rapidly evolving to incorporate intelligent features, including environment management, home automation, and human–machine interactions. However, safety and security risks of SHs hinder their wide adoption. Many work attempts to provide defense mechanisms to ensure safety and security against interrule vulnerabilities and spoofing attacks. This article proposes IoTFuzz, a fuzzing framework that dynamically address cyber security and physical safety aspects of SHs through targeted policies. IoTFuzz mutates the inputs from policies, human activities, indoor environment, and real-life outdoor weather conditions. In addition to the binary status of devices, the continuous-value status in SHs is leveraged to perform mutation and simulation. The policies are expressed as temporal logic formulas with time constraints. For large-scale testing, IoTFuzz employs digital twins to simulate normal behaviors, outdoor environment impacts, and human activities in SHs. Moreover, IoTFuzz can also intelligently infer rule-policy correlation based on natural language processing (NLP) techniques. The evaluation of IoTFuzz in a configured SH with 15 rules and 10 predefined unique policies demonstrates its effectiveness in revealing the impacts of real-life outdoor environment. The experimental results demonstrate a range of violations, with a maximum of 4154 violations and a minimum of 41 violations observed over an 8-year period under varying weather conditions. IoTFuzz also identifies the potential risks associated with improper human activities, accounting for up to 35.4% of risky situations in SHs.