Virginia Tech® home

Understanding IoT Security from a Market-Scale Perspective

Paper Details


Internet of Things (IoT) products and services, which can sense and modify private user environments, are ubiquitous. To ensure security, an awareness of products on the market is critical.

Researchers developed a framework called IoTSpotter, which constructs a market-scale snapshot of mobile-IoT apps that interact with IoT devices. 

The study identified 37,783 mobile-IoT apps from Google Play and performed three major security analyses. They explored:

  • Cryptographic implementations.
  • Library usage.
  • App signatures. 

Researchers demonstrated the prevalence of critical vulnerabilities in mobile-IoT apps and their serious impact on IoT security and privacy. This showed the need to focus on mobile-IoT apps that are contextualized to IoT and to develop framework, techniques, data, and artifacts that enable large-scale IoT security.