> Virtual Reality and Security Augmentation in Home And Office Environments
Virtual Reality and Security Augmentation in Home And Office Environments
March 9th, 2020
In a highly connected world filled with IOT devices and security-naïve users, how do we get users to update and patch their devices? Well, IOT SCOE researchers Cristina Serban and Wei Wang may have an answer. Just make a game out of it. The IOT SCOE’s research team recently filed a patent application proposing a new and interesting solution to this challenge.
With the average home having dozens of smart devices today, analysts promise us that the “connected consumer of tomorrow” will scale that number exponentially. Everything in our home will become more intelligent and interconnected. The problem of device management becomes an increasingly worrisome issue. Corporations struggle with this challenge every day and solve it by hiring fulltime security operations teams to manage updates and patches. This problem now finds its way into our homes.
As the number of IoT devices increases exponentially, it’s likely that these devices will be compromised. Most home users have a fire-and-forget attitude to deploying new IoT devices. Start the device up, register it on the home network and forget all about it. But new vulnerabilities are discovered every day and if appropriate actions are not taken right away, the attack surface in the home keeps on growing larger and larger. And one compromised device can be the first domino to fall. Your smart light bulb could be the reason you get malware on your laptop or give a remote attacker access to your home security system. It is critical to fix a small problem in time to prevent big problems happening, a version of the “broken windows theory” applied to the smart home.
Our researchers suggest using Virtual/Augmented Reality (VR/AR) to educate and enable non-tech savvy users to secure their homes. Something as simple as changing the default username and password can stump an inexperienced person who has anxiety about technology. Now it can be as simple as waving your hand at the device.
This works by making it a game. Walk through your home wearing a headset or with a smart phone app and now you can “see” the problems in vivid color with easy-to-handle recommendations for corrective action. The app can interact with cloud resources and third-party databases seamlessly to recognize the device, analyze it, and then show the user what they need to do. Through a game interface presented via VR/AR, the system discovers IoT devices in a home/office environment, then identifies vulnerabilities on these devices. The device identifies itself and the system does the rest. It looks up resolutions and recommends the best course of action. Users can choose to interact with the devices to fix issues or can even ask their service provider to help remotely. Users even gain security expertise through the experience, and they gain rewards in this game by fixing problems.
Education is a key tool in our collective security tool box and so many security issues are rooted in knowledge. We need better ways of informing and educating our users. Common sense resolutions and constant vigilance goes long way to helping our customers be safer. We are building prototypes in our Hacking Corner in Middletown to demonstrate this technology. Someday we hope you’ll see it in action in your own homes!