When we hear the term ‘smart home’, many of us probably think about asking Google for the latest forecast or having Alexa play our favourite song. But these smart devices are just the tip of the iceberg. A truly smart home is one that uses automated technology for everything from appliances, lighting, heating, security, sound and systems to – even the window blinds. Through the Internet of Things (IoT), these smart devices talk to each other to create a fully integrated ecosystem. But with the increasing use of smart technology inside the home comes an increasing cybersecurity risk. The EU-supported GHOST project has been looking at ways to manage this risk. The team is developing a usable cybersecurity solution for smart homes. “GHOST envisions a transparent cybersecurity environment for all Europeans living in a connected world,” says José Manuel Álvarez, innovation and project manager at Televés Corporation, the project’s coordinating partner. “With minimal effort, consumers will be aware of the cybersecurity risks they face and be able to make informed decisions to mitigate these risks.”
Corporate-level security for in-home use
The project’s objective was to deploy a highly useable and effective security framework for smart home residents. To do this, researchers applied behavioural design principles to create a user-centric security solution. “The GHOST architecture stimulates security-friendly user behaviour that is enforced via an unobtrusive, easy-to-understand solution,” explains Álvarez. GHOST is comprised of a software solution embedded in smart home network gateways. Using machine learning and data analytics, the solution performs network analysis and deep packet inspections for suspicious patterns and malicious behaviour. GHOST also uses blockchain to further enhance the security of smart homes by leveraging appropriate smart contracts. “A GHOST-enabled home provides the user with real-time analysis of all the connections and data being exchanged between their connected devices and outside services,” adds Álvarez. “The system then notifies the user of any suspicious connection, when new data is exchanged, or a device changes from its usual server.” The result is a corporate-level security service for private, in-home use.
A self-defence mechanism for the connected home
The project succeeded at creating a highly automated security inspection framework and a resilient, decentralised self-defence mechanism for the connected home. In doing so, GHOST has empowered individuals to take control over their own privacy and security. “By equipping consumers with their own convenient cybersecurity inspection, discovery and decision toolset, we’ve shifted the focus of cybersecurity from incoming data flows to awareness and control of the outgoing data,” concludes Álvarez. The GHOST solution was validated via large-scale, long-term trials conducted in real-life conditions, including assisted living and private homes located in Norway, Romania and Spain.
GHOST, cybersecurity, connected home, smart home, data breaches, Internet of Things, IoT, machine learning, blockchain