Safe-Guarding Home IoT Environments with Personalised Real-time Risk Control

GHOST aims to deploy a highly usable and effective security framework for smart home residents. The project will apply behavioural design principles for the elaboration of a novel reference architecture for user-centric cyber security in smart home environments. This architecture will stimulate security-friendly user behaviour enforced by an unobtrusive and user-comprehensible solution. At the core of the GHOST solution lies a smart home network gateway, supporting a wide range of wired and wireless protocols, that will host the security toolset and the Blockchain defence infrastructure.
GHOST ambition is to provide to EU citizens professional level cybersecurity for smart-living. This project does not limit the vertical markets of application, but the solution will be tested in several specific markets for IoT solution in advanced telecare, continuous telehealth, energy, home automation and home security. Initially identified main stakeholders in the GHOST value-chain are regular citizens living in smart homes, as well as IoT and smart homes manufacturers.
GHOST aims to deploy a highly usable and effective security framework for smart home residents. The project will apply behavioural design principles for the elaboration of a novel reference architecture for user-centric cyber security in smart home environments. This architecture will stimulate security-friendly user behaviour enforced by an unobtrusive and user-comprehensible solution. At the core of the GHOST solution lies a smart home network gateway, supporting a wide range of wired and wireless technologies. A set of software-enabled security services will be embedded to the gateway with the ambition to offer corporate level security down to regular citizens for personal use in their homes. GHOST will equip consumers with their own cyber security inspection, discovery and decision toolset, and shift security focus paradigm from incoming data flows to the awareness and control of data going out. On top of this toolset, a Blockchain layer will be deployed for further enhancing the security of smart homes by leveraging appropriate smart contracts. GHOST embraces the notion of usable security to address users’ tendency to choose convenience over security, as well as security fatigue and desensitisation, which are pointed out as the root cause for the great majority of security and privacy breaches.

During the first year of the project, the main general objectives of the project were:
1. Work Teams Setup: A first target has been to integrate the work teams by the different partners and to set-up the information exchange and cooperation processes that guarantee the proper development of the project activities. This activity means not only setting up the initial Kick Off Meeting and verifying that contact points are provided at each partner’s organization, but also defining among the partners the “Who-does-What” rules and providing guidelines on how to elaborate the information to be exchanged between partners.
2. Project Activity Ramp-Up: The second objective has been to ramp up the different partners activities in order to establish an activity rate compatible with the project committed dates. GHOST is a small highly integrated project where the poor performance of a partner impacts directly on the overall project results. This means that this coordinated ramp up activity is critical during the first stages of the project, as long as different administrative structures and company sizes need to be tuned together for proper technical cooperation.
3. GHOST Architecture and first development of modules: The main target for this first project year has been to agree in a complete GHOST architecture that delivers the performances needed to cover all the application scenarios envisaged in the DoW. Having a clear definition of the final GHOST target and the associated requirements allows the partners to define a detailed work plan for the developments. Besides, another objective of this year was to achieve the first version of main building blocks of the GHOST solution, aligned with the committed schedule.

The main objectives and advances beyond the state of the art are:
- To deliver a usable cyber security solution for smart homes: GHOST targets to achieve a substantial increase in usability with minor or (where possible) no security trade-offs.
- To develop a highly automated security inspection framework and a resilient, decentralised self-defence mechanism for the connected home: the proposed cyber security inspection framework will encapsulate tools, such as detectors of malicious behaviour and network anomalies, that will allow GHOST to act as a context aware risk assessment tool by controlling data being sent by the access point and blocking or asking for users' permission only whenever it is needed.
- To enhance cyber security awareness and to provide control to individual citizens over their smart home security status and potential threats - malicious behaviour: a set of techniques and tools of the data representations will be applied to allow different levels of visual granularity (from simplistic up to medium-level) aligned with the respective user profiles . Smart home residents will set and adjust (regularly and/or on demand) their security and privacy policies through usable interfacing with GHOST.
- To identify and exploit security-friendly behavioural patterns so as to substantially reduce vulnerabilities induced by the human factor: GHOST will identify security friendly behavioural patterns and intuitively encourage/ stimulate their application through triggers integrated in the system.
- To provide effective response to multiple cybersecurity threats with a wide range of security performance indicators tailored to the end-user needs: GHOST will follow guidance documents, best practices and standards (issued by international, European and national stakeholders) at all stages of design and development.
- To establish an automated mechanism for sustaining or swiftly restoring end-users trust to the GHOST solution after a security and/or privacy breach: GHOST will offer a set of post-attack tools that will ensure (a) the threat has been neutralised/ removed with the minimum disturbance to the smart home residents; (b) the damage made has been assessed; (c) the connected home environment is/can be restored to its normal operational state; (d) the inspection framework has updated appropriately its detection capabilities and (e) the whole process and the pertinent data have been securely retained so that a forensics investigation of the incident is made possible.
- To demonstrate & validate the GHOST cyber-security solution in real-life conditions in smart home environments against security, usability and cost-effectiveness metrics: The GHOST solution will be rolled-out in 3 pilots in 3 different European countries at three stages of escalating difficulty, assessing its compatibilty con IoT based services.
With this advances, the project will increase the competitivity of European industry in cybersecurity and IoT markets, the awareness and empowerement of the society and the smart home users regarding cybersecurity tools, the innovation capability of the European companies and institutions and the resilience of cyber physical systems for home environments.