Dingding Wang,Muhui Jiang,Rui Chang,Yajin Zhou,Hexiang Wang,Baolei Hou,Lei Wu,Xiapu Luo

DOI: https://doi.org/10.1109/tdsc.2023.3334017

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:IoT devices are becoming popular. Meanwhile, researchers are actively working on improving the security of IoT devices. However, previous works ignore the insecurity caused by a special category of devices, i.e., the End-of-Life (EoL) devices. Once a product becomes End-of-Life, vendors tend to no longer maintain its firmware or software, including fixing bugs and patching vulnerabilities. This makes EoL devices susceptible to attacks. For instance, a report showed that an EoL model with thousands of active devices was exploited to redirect web traffic for malicious purposes. In this paper, we conduct the first empirical study to shed light on the (in)security of EoL devices. To this end, our study performs two types of analysis, including the liveness analysis and the vulnerability analysis . The first one aims to detect the scale of EoL devices that are still alive in the wild. The second one is to evaluate the vulnerabilities existing in (active) EoL devices. We applied our approach to a large number of EoL models from three vendors (i.e., D-Link, Tp-Link, and Netgear) and detect the alive devices in a time period of more than two years . Our study reveals some worrisome facts that were unknown by the community. For instance, there exist a large number (more than 3 million) of active EoL devices. Some devices (more than 1 million) are still alive even after five years since EoL. Furthermore, more than half of the vulnerabilities (182 of 294) are discovered after the EoL date. Although vendors may release security patches after the EoL date, the process is ad hoc and incomplete, with only limited functionality. Furthermore, these patches can have side effects, such as providing valuable information to attackers. In summary, more than 2 million active EoL devices are vulnerable, and nearly half of them are threatened by high-risk vulnerabilities. Attackers can achieve a minimum of 8.67 Tbps DDoS attack by exploiting OS command injection vulnerabilities and compromising a large number of active EoL devices. We believe these facts pose a clear call for more attention to deal with the security issues of EoL devices.

Xiaoyu Ji,Wenjun Zhu,Shilin Xiao,Wenyuan Xu

DOI: https://doi.org/10.1038/s44287-024-00073-2

2024-01-01

Abstract:Sensors are extensively used in the Internet of Things (IoT) applications, enhancing daily convenience but also raising concerns about privacy leakage. To address this, we advocate for protecting data privacy at the moment it is generated by sensors, rather than trying to secure it afterwards.

沈斌,刘渊

DOI: https://doi.org/10.15994/j.1000-0763.2011.06.003

2011-01-01

Abstract:The Internet of things (IoT) is called the third wave of information industry revolution, which will affect and change people's daily life profoundly. In the process of using IoT, it is urgent for us to face and solve the problem of security and privacyprotection. In this paper, we explain the new features of security and privacy protection in the applications of IoT, and reveal thepotential security risks and privacy violation produced by viruses and hackers in the IoT. This article also presents the importantpoints for security and privacy protection of IoT from the technical and legal perspective respectively, and points out principles forharmonious using of IoT. At last, the corresponding countermeasures are also put forward. It is important for our country to establishthe security system and build the green culture for IoT.

Yuhong Nan,Xueqiang Wang,Luyi Xing,Xiaojing Liao,Ruoyu Wu,Jianliang Wu,Yifan Zhang,XiaoFeng Wang

2023-01-01

Abstract:Recent research has highlighted privacy as a primary concern for IoT device users. However, due to the challenges in conducting a large-scale study to analyze thousands of devices, there has been less study on how pervasive unauthorized data exposure has actually become on today's IoT devices and the privacy implications of such exposure. To fill this gap, we leverage the observation that most IoT devices on the market today use their companion mobile apps as an intermediary to process, label and transmit the data they collect. As a result, the semantic information carried by these apps can be recovered and analyzed automatically to track the collection and sharing of IoT data. In this paper, we report the first of such a study, based upon a new framework IoTProfiler, which statically analyzes a large number of companion apps to infer and track the data collected by their IoT devices. Our approach utilizes machine learning to detect the code snippet in a companion app that handles IoT data and further recovers the semantics of the data from the snippet to evaluate whether their exposure has been properly communicated to the user. By running IoTPro-filer on 6,208 companion apps, our research has led to the discovery of 1,973 apps that expose user data without proper disclosure, covering IoT devices from at least 1,559 unique vendors. Our findings include highly sensitive information, such as health status and home address, and the pervasiveness of unauthorized sharing of the data to third parties, including those in different countries. Our findings highlight the urgent need to regulate today's IoT industry to protect user privacy.

Kai-Chih Chang,Haoran Niu,Brian Kim,Suzanne Barber

DOI: https://doi.org/10.3390/e26070561

2024-06-29

Abstract:A user's devices such as their phone and computer are constantly bombarded by IoT devices and associated applications seeking connection to the user's devices. These IoT devices may or may not seek explicit user consent, thus leaving the users completely unaware the IoT device is collecting, using, and/or sharing their personal data or, only marginal informed, if the user consented to the connecting IoT device but did not read the associated privacy policies. Privacy policies are intended to inform users of what personally identifiable information (PII) data will be collected about them and the policies about how those PII data will be used and shared. This paper presents novel tools and the underlying algorithms employed by the Personal Privacy Assistant app (UTCID PPA) developed by the University of Texas at Austin Center for Identity to inform users of IoT devices seeking to connect to their devices and to notify those users of potential privacy risks posed by the respective IoT device. The assessment of these privacy risks must deal with the uncertainty associated with sharing the user's personal data. If privacy risk (R) equals the consequences (C) of an incident (i.e., personal data exposure) multiplied by the probability (P) of those consequences occurring (C × P), then efforts to control risks must seek to reduce the possible consequences of an incident as well as reduce the uncertainty of the incident and its consequences occurring. This research classifies risk according to two parameters: expected value of the incident's consequences and uncertainty (entropy) of those consequences. This research calculates the entropy of the privacy incident consequences by evaluating: (1) the data sharing policies governing the IoT resource and (2) the type of personal data exposed. The data sharing policies of an IoT resource are scored by the UTCID PrivacyCheck™, which uses machine learning to read and score the IoT resource privacy policies against metrics set forth by best practices and international regulations. The UTCID Identity Ecosystem uses empirical identity theft and fraud cases to assess the entropy of privacy incident consequences involving a specific type of personal data, such as name, address, Social Security number, fingerprint, and user location. By understanding the entropy of a privacy incident posed by a given IoT resource seeking to connect to a user's device, UTCID PPA offers actionable recommendations enhancing the user's control over IoT connections, interactions, their personal data, and, ultimately, user-centric privacy control.

Burkhard Schafer

DOI: https://doi.org/10.29173/irie131

2014-12-01

The International Review of Information Ethics

Abstract:Proliferation of data processing and data storage devices in the Internet of Things poses significant privacy risks. At the same time, faster and faster use-cycles and obsolescence of devices with electronic components causes environmental problems. Some of the solutions to the environmental challenges of e-waste include mandatory recycling schemes as well as informal second hand markets. However, the data security and privacy implications of these green policies are as yet badly understood. This paper argues that based on the experience with second hand markets in desktop computers, it is very likely that data that was legitimately collected under the household exception of the Data Protection Directive will “leak” into public spheres. Operators of large recycling schemes may find themselves inadvertently and unknowingly to be data controller for the purpose of Data Protection law, private resale of electronic devices can expose the prior owner to significant privacy risks.

Shuodi Hui,Zhenhua Wang,Xueshi Hou,Xiao Wang,Huandong Wang,Yong Li,Depeng Jin

DOI: https://doi.org/10.1109/jiot.2020.3038639

IF: 10.6

2021-05-01

IEEE Internet of Things Journal

Abstract:Privacy leakage of Internet of Things (IoT) has become a great challenge with the popularity of IoT services through mobile networks, such as smart homes, wearables, and healthcare. While previous work summarized general structures to analyze IoT privacy and provide case studies of specific devices or scenarios, it is still challenging to conduct a comprehensive and systematic quantification study of large-scale IoT privacy leakage in real world. To combine systematic analyses with real-world measurements, we provide a method to quantify IoT privacy leakage on a large-scale mobile network traffic data set containing 47651 IoT devices. We generate privacy fingerprints and attribute them to a privacy quantification framework. The framework is constructed based on the semantics of multiple privacy sensitive markers selected from the traffic along with the involved network entity types in IoT (i.e., user, device, and platform), and the fingerprints are generated from sensitive information extracted in the traffic via their markers. Our quantification shows that IoT users, devices, and platforms have considerable risks, respectively. Moreover, IoT devices have a larger scale of privacy leakage than users and platforms, and they perform different daily patterns on privacy leakage following their working conditions. In addition, we present three case studies on the leakage of location information, application calling, and voice service, which illustrate that a third party can profile a network entity in both cyberspace and physical space.

computer science, information systems,telecommunications,engineering, electrical & electronic

Binbin Zhao,Shouling Ji,Wei-Han Lee,Changting Lin,Haiqin Weng,Jingzheng Wu,Pan Zhou,Liming Fang,Raheem Beyah

DOI: https://doi.org/10.1109/tdsc.2020.3037908

2020-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The Internet of Things (IoT) has become ubiquitous and greatly affected peoples' daily lives. With the increasing development of IoT devices, the corresponding security issues are becoming more and more challenging. Such a severe security situation raises the following questions that need urgent attention: What are the primary security threats that IoT devices face currently? How do vendors and users deal with these threats? In this article, we aim to answer these critical questions through a large-scale systematic study. Specifically, we perform a ten-month-long empirical study on the vulnerability of 1,362,906 IoT devices varying from six types. The results show sufficient evidence that N-days vulnerability is seriously endangering the IoT devices: 385,060 (28.25 percent) devices suffer from at least one N-days vulnerability. Moreover, 2669 of these vulnerable devices may have been compromised by botnets. We further reveal the massive differences among five popular IoT search engines: Shodan [1], Censys [2], [3], Zoomeye [4], Fofa [5], and NTI [6]. To study whether vendors and users adopt defenses against the threats, we measure the security of MQTT [7] servers, and identify that 12740 (88 percent) MQTT servers have no password protection. Our analysis can serve as an important guideline for investigating the security of IoT devices, as well as advancing the development of a more secure environment for IoT systems.

Eyhab Al-Masri,Daniel Joy,O. Kotevska

DOI: https://doi.org/10.1109/ECICE55674.2022.10042926

2022-10-28

Abstract:Although the number of smart Internet of Things (IoT) devices has grown in recent years, the public's perception of how effectively these devices secure IoT data has been questioned. Many IoT users do not have a good level of confidence in the security or privacy procedures implemented within IoT smart devices for protecting personal IoT data. Moreover, determining the level of confidence end users have in their smart devices is becoming a major challenge. In this paper, we present a study that focuses on identifying privacy concerns IoT end users have when using IoT smart devices. We investigated multiple smart devices and conducted a survey to identify users’ privacy concerns. Furthermore, we identify five IoT privacy-preserving (IoTPP) control policies that we define and employ in comparing the privacy measures implemented by various popular smart devices. Results from our study show that the over 86% of participants are very or extremely concerned about the security and privacy of their personal data when using smart IoT devices such as Google Nest Hub or Amazon Alexa. In addition, our study shows that a significant number of IoT users may not be aware that their personal data is collected, stored or shared by IoT devices.

Engineering,Computer Science

Jun Du,Chunxiao Jiang,Erol Gelenbe,Lei Xu,Jianhua Li,Yong Ren

DOI: https://doi.org/10.1109/mwc.2017.1800094

IF: 12.777

2018-01-01

IEEE Wireless Communications

Abstract:Recently, the Internet of Things (IoT) has penetrated many aspects of the physical world to realize different applications. Through IoT, these applications generate, exchange, aggregate, and analyze a vast amount of security-critical and privacy- sensitive data, which makes them attractive targets of attacks. Therefore, it is rather necessary for IoT systems to be equipped with the ability to resist security and privacy risks when fulfilling the desired functional requirements and services. To achieve these goals, there are many new challenges for IoT to implement privacy preserving data manipulation. First, data analysts need to process privacy-sensitive data to extract the expected information without privacy disclosure. In addition, many privacy related factors, including privacy valuation and risk assessment, affect sensitive and private data trading between data owners and requesters. Moreover, the data owners' security behavior also plays an important role in privacy protection in IoT applications. Concerning these issues, this article introduces and surveys privacy preserving techniques in the processes of data aggregation, trading, and analysis: the balance between data analysis and privacy preservation from the data analysts' perspective, secure data trading from the perspective of data owners and requesters, and secure private data aggregation from the data owners' perspective.

Sakshi Rai,Ujawal Rai,Chetan Randhye,Achal Amrutkar,Prof. Manisha More

DOI: https://doi.org/10.22214/ijraset.2023.57413

2023-12-31

International Journal for Research in Applied Science and Engineering Technology

Abstract:Abstract: The proliferation of Internet of Things (IoT) devices has transformed the way we interact with the digital world, offering unprecedented connectivity and convenience. However, this rapid expansion brings forth profound challenges concerning privacy, data protection, and security. This survey paper comprehensively explores the multifaceted landscape of IoT, dissecting its architecture, and delving into the intricate web of concerns surrounding user privacy, data safeguarding, and system security.Beginning with an examination of the IoT architecture, we dissect the interconnected layers, ranging from sensors to cloud platforms, illustrating the intricate pathways of data flow. The survey meticulously unfolds the privacy challenges embedded in the constant data collection, tracking, and profiling mechanisms intrinsic to IoT devices. Drawing on real-world examples, we underscore the tangible consequences of privacy breaches and the potential erosion of user trust.In the realm of data protection, we delve into the complexities of safeguarding data integrity, confidentiality, and availability within the IoT ecosystem. Regulatory frameworks, notably the General Data Protection Regulation (GDPR), are scrutinized for their impact on shaping data protection practices. Concurrently, the paper uncovers common security threats in IoT, emphasizing vulnerabilities in devices and the looming risks associated with unauthorized access and data breaches.Navigating through the regulatory landscape, the survey provides an overview of existing standards and regulations governing IoT. Case studies spotlight instances of privacy breaches, data protection lapses, and security vulnerabilities, offering practical insights into the implications of these incidents. Mitigation strategies, encompassing encryption, authentication, and access control, are explored to address the identified concerns.As the paper concludes, it synthesizes the key findings, emphasizing the urgency of continued efforts to fortify IoT against privacy, data protection, and security challenges. The survey anticipates future trends and challenges, offering a roadmap for researchers, policymakers, and industry stakeholders to collectively forge a secure and privacy-aware IoT landscape.

Su Wang,Keyang Yu,Qi Li,Dong Chen

2024-06-15

Abstract:The Internet traffic data produced by the Internet of Things (IoT) devices are collected by Internet Service Providers (ISPs) and device manufacturers, and often shared with their third parties to maintain and enhance user services. Unfortunately, on-path adversaries could infer and fingerprint users' sensitive privacy information such as occupancy and user activities by analyzing these network traffic traces. While there's a growing body of literature on defending against this side-channel attack-malicious IoT traffic analytics (TA), there's currently no systematic method to compare and evaluate the comprehensiveness of these existing studies. To address this problem, we design a new low-cost, open-source system framework-IoT Traffic Exposure Monitoring Toolkit (ITEMTK) that enables people to comprehensively examine and validate prior attack models and their defending approaches. In particular, we also design a novel image-based attack capable of inferring sensitive user information, even when users employ the most robust preventative measures in their smart homes. Researchers could leverage our new image-based attack to systematize and understand the existing literature on IoT traffic analysis attacks and preventing studies. Our results show that current defending approaches are not sufficient to protect IoT device user privacy. IoT devices are significantly vulnerable to our new image-based user privacy inference attacks, posing a grave threat to IoT device user privacy. We also highlight potential future improvements to enhance the defending approaches. ITEMTK's flexibility allows other researchers for easy expansion by integrating new TA attack models and prevention methods to benchmark their future work.

Cryptography and Security,Systems and Control

Shradha Neupane,Faiza Tazi,Upakar Paudel,Freddy Freddy Veloz Baez,Merzia Adamjee,Lorenzo De Carli,Sanchari Das,Indrakshi Ray

DOI: https://doi.org/10.2139/ssrn.4121997

2022-01-01

SSRN Electronic Journal

Abstract:Most Internet of Things (IoT) devices provide access through mobile companion apps to configure, update, and control the devices. In many cases, these apps handle all user data moving in and out of devices and cloud endpoints. Thus, they constitute a critical component in the IoT ecosystem from a privacy standpoint, but they have historically been understudied. In this paper, we perform a latitudinal study and analysis of a sample of 455 IoT companion apps to understand their privacy posture using various methods and evaluate whether apps follow best practices. Specifically, we focus on three aspects: data privacy, security, and risk. Our findings indicate: (i) apps may over-request permissions , particularly for tasks that are not related to their functioning; and (ii) there is widespread use of programming and configuration practices which may reduce security, with the concerning extreme of two apps transmitting credentials in unencrypted form.

Qingsong Zou,Qing Li,Ruoyu Li,Yucheng Huang,Gareth Tyson,Jingyu Xiao,Yong Jiang

DOI: https://doi.org/10.1145/3580890

2023-01-01

Proceedings of the ACM on Interactive Mobile Wearable and Ubiquitous Technologies

Abstract:With the deployment of a growing number of smart home IoT devices, privacy leakage has become a growing concern. Prior work on privacy-invasive device localization, classification, and activity identification have proven the existence of various privacy leakage risks in smart home environments. However, they only demonstrate limited threats in real world due to many impractical assumptions, such as having privileged access to the user's home network. In this paper, we identify a new end-to-end attack surface using IoTBeholder, a system that performs device localization, classification, and user activity identification. IoTBeholder can be easily run and replicated on commercial off-the-shelf (COTS) devices such as mobile phones or personal computers, enabling attackers to infer user's habitual behaviors from smart home Wi-Fi traffic alone. We set up a testbed with 23 IoT devices for evaluation in the real world. The result shows that IoTBeholder has good device classification and device activity identification performance. In addition, IoTBeholder can infer the users' habitual behaviors and automation rules with high accuracy and interpretability. It can even accurately predict the users' future actions, highlighting a significant threat to user privacy that IoT vendors and users should highly concern.

Nan Zhang,Soteris Demetriou,Xianghang Mi,Wenrui Diao,Kan Yuan,Peiyuan Zong,Feng Qian,XiaoFeng Wang,Kai Chen,Yuan Tian,Carl A. Gunter,Kehuan Zhang,Patrick Tague,Yue-Hsun Lin

DOI: https://doi.org/10.48550/arXiv.1703.09809

2017-03-29

Abstract:Inspired by the boom of the consumer IoT market, many device manufacturers, start-up companies and technology giants have jumped into the space. Unfortunately, the exciting utility and rapid marketization of IoT, come at the expense of privacy and security. Industry reports and academic work have revealed many attacks on IoT systems, resulting in privacy leakage, property loss and large-scale availability problems. To mitigate such threats, a few solutions have been proposed. However, it is still less clear what are the impacts they can have on the IoT ecosystem. In this work, we aim to perform a comprehensive study on reported attacks and defenses in the realm of IoT aiming to find out what we know, where the current studies fall short and how to move forward. To this end, we first build a toolkit that searches through massive amount of online data using semantic analysis to identify over 3000 IoT-related articles. Further, by clustering such collected data using machine learning technologies, we are able to compare academic views with the findings from industry and other sources, in an attempt to understand the gaps between them, the trend of the IoT security risks and new problems that need further attention. We systemize this process, by proposing a taxonomy for the IoT ecosystem and organizing IoT security into five problem areas. We use this taxonomy as a beacon to assess each IoT work across a number of properties we define. Our assessment reveals that relevant security and privacy problems are far from solved. We discuss how each proposed solution can be applied to a problem area and highlight their strengths, assumptions and constraints. We stress the need for a security framework for IoT vendors and discuss the trend of shifting security liability to external or centralized entities. We also identify open research problems and provide suggestions towards a secure IoT ecosystem.

Cryptography and Security

Abasi-amefon Obot Affia,Hilary Finch,Woosub Jung,Issah Abubakari Samori,Lucas Potter,Xavier-Lewis Palmer

DOI: https://doi.org/10.3390/iot4020009

2023-05-25

IoT

Abstract:The concept of the Internet of Things (IoT) spans decades, and the same can be said for its inclusion in healthcare. The IoT is an attractive target in medicine; it offers considerable potential in expanding care. However, the application of the IoT in healthcare is fraught with an array of challenges, and also, through it, numerous vulnerabilities that translate to wider attack surfaces and deeper degrees of damage possible to both consumers and their confidence within health systems, as a result of patient-specific data being available to access. Further, when IoT health devices (IoTHDs) are developed, a diverse range of attacks are possible. To understand the risks in this new landscape, it is important to understand the architecture of IoTHDs, operations, and the social dynamics that may govern their interactions. This paper aims to document and create a map regarding IoTHDs, lay the groundwork for better understanding security risks in emerging IoTHD modalities through a multi-layer approach, and suggest means for improved governance and interaction. We also discuss technological innovations expected to set the stage for novel exploits leading into the middle and latter parts of the 21st century.

Yiwei Zhang,Siqi Ma,Juanru Li,Dawu Gu,Elisa Bertino

DOI: https://doi.org/10.1109/dsn53405.2022.00055

2022-01-01

Abstract:Today users can access and/or control their IoT devices using mobile apps. Such interactions often rely on IoT-to-Mobile communication that supports direct data exchanges between IoT devices and smartphones. To guarantee mutual authentication and encrypted data transmission in IoT-to-Mobile communications while keeping lightweight implementation, IoT devices and smartphones often share credentials in advance with the help of a cloud server. Since these credentials impact communication security, in this paper we seek to understand how such sensitive materials are implemented. We design a set of analysis techniques and implement them in KINGFISHER, an analysis framework. KINGFISHER identifies shared credentials, tracks their uses, and examines violations against nine security properties that the implementation of credentials should satisfy. With an evaluation of eight real-world IoT solutions with more than 35 million deployed devices, KINGFISHER revealed that all these solutions involve insecurely used credentials, and are subject to privacy leakage or device hijacking.

Shujuan Wang,Jian Wang,Zhengtao Yu

DOI: https://doi.org/10.1109/mwc.2017.1800109

IF: 12.777

2018-01-01

IEEE Wireless Communications

Abstract:Wireless IoT is a promising area in which large quantities of data and information are collected, exchanged, and stored constantly. While these data and information are utilized for good purposes in wireless IoT, great risks arise in that attackers are seeking to exploit the merits of this new technology for their own benefits. In such a resource-constrained environment, devices are easily exposed to various attacks. Confidential private information is as valuable as it is vulnerable. It is difficult for end users to trust wireless IoT and to adopt related applications due to the lack of satisfactory privacy-preserving mechanisms, which has become the major obstacle for the adoption and popularization of wireless IoT. In this article, we first introduce the classical application scenarios of wireless IoT, along with related security and privacy attack models. We then present a brief overview of privacy-preserving schemes of wireless IoT. Based on the classification of application scenarios, we further present recent advances in privacy-preserving mechanisms in wireless IoT. Finally, we discuss open issues and future research directions for these application scenarios in wireless IoT.

Batoul Modarress Fathi,Alexander Ansari,Al Ansari

DOI: https://doi.org/10.3390/su141610161

IF: 3.9

2022-08-17

Sustainability

Abstract:Human activities are at the heart of interactions between physical and digital spheres enabled by the Internet and the proliferation of Internet-of-Things (IoT) devices destined to be discarded. The rejected devices, called e-waste, contain toxic substances that negatively impact environmental sustainability. There are no studies to examine the impacts of the Internet and IoT on the sheer volume of e-waste, which is the objective of this paper. Based on an extensive literature review, two propositions were advanced, and three secondary datasets were used to test the propositions from 2000 to 2021. The first dataset relates to the world Internet penetration through variables associated with network accessibility. The second dataset is linked to the global proliferation of the IoT through its technological functionality. The third dataset is the worldwide volume of e-waste measured in millions of metric tons. Our findings indicate that the Internet and the IoT play pivotal roles in the e-waste crisis. Network accessibility and technological functionality significantly and positively influence the variability in the volume of e-waste, thus threatening environmental sustainability. Several actionable recommendations encourage developers, politicians, policymakers, and users of electronic devices to pay closer attention to the escalating size of e-waste threatening environmental sustainability.

environmental sciences,environmental studies,green & sustainable science & technology

Qingsong Zou,Qing Li,Ruoyu Li,Yucheng Huang,Gareth Tyson,Jingyu Xiao,Yong Jiang

DOI: https://doi.org/10.1145/3580890

2023-01-01

Abstract:With the deployment of a growing number of smart home IoT devices, privacy leakage has become a growing concern. Prior work on privacy-invasive device localization, classification, and activity identification have proven the existence of various privacy leakage risks in smart home environments. However, they only demonstrate limited threats in real world due to many impractical assumptions, such as having privileged access to the user's home network. In this paper, we identify a new end-to-end attack surface using IoTBeholder, a system that performs device localization, classification, and user activity identification. IoTBeholder can be easily run and replicated on commercial off-the-shelf (COTS) devices such as mobile phones or personal computers, enabling attackers to infer user's habitual behaviors from smart home Wi-Fi traffic alone. We set up a testbed with 23 IoT devices for evaluation in the real world. The result shows that IoTBeholder has good device classification and device activity identification performance. In addition, IoTBeholder can infer the users' habitual behaviors and automation rules with high accuracy and interpretability. It can even accurately predict the users' future actions, highlighting a significant threat to user privacy that IoT vendors and users should highly concern.