Poster:Watch out your smartwatch when paired

Youngjoo Lee, Won Seok Yang, Taekyoung Kwon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

We coin a new term called data transfusion as a phenomenon that a user experiences when pairing a wearable device with the host device. A large amount of data stored in the host device (e.g., a smartphone) is forcibly copied to the wearable device (e.g., a smart watch) due to pairing while the wearable device is usually less a.ended. To the best of knowledge, there is no previous work that manipulates how sensitive data is transfused even without user's consent and how users perceive and behave regarding such a phenomenon for smart watches. We tackle this problem by conducting an experimental study of data extraction from commodity devices, such as in Android Wear, watchOS, and Tizen platforms, and a following survey study with 205 smart watch users, in two folds. .e experimental studies have shown that a large amount of sensitive data was transfused, but there was not enough user noti.cation. .e survey results have shown that users have lower perception on smart watches for security and privacy than smartphones, but they tend to set the same passcode on both devices when needed. Based on the results, we perform risk assessment and discuss possible mitigation that involves volatile transfusion.

Original languageEnglish
Title of host publicationCCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Pages2527-2529
Number of pages3
ISBN (Electronic)9781450349468
DOIs
Publication statusPublished - 2017 Oct 30
Event24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017 - Dallas, United States
Duration: 2017 Oct 302017 Nov 3

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017
CountryUnited States
CityDallas
Period17/10/3017/11/3

Fingerprint

Watches
Smartphones
Risk assessment
Positive ions
Wear of materials

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Cite this

Lee, Y., Yang, W. S., & Kwon, T. (2017). Poster:Watch out your smartwatch when paired. In CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (pp. 2527-2529). (Proceedings of the ACM Conference on Computer and Communications Security). Association for Computing Machinery. https://doi.org/10.1145/3133956.3138831
Lee, Youngjoo ; Yang, Won Seok ; Kwon, Taekyoung. / Poster:Watch out your smartwatch when paired. CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2017. pp. 2527-2529 (Proceedings of the ACM Conference on Computer and Communications Security).
@inproceedings{5ef0f902060d45848af5186fa8947ce1,
title = "Poster:Watch out your smartwatch when paired",
abstract = "We coin a new term called data transfusion as a phenomenon that a user experiences when pairing a wearable device with the host device. A large amount of data stored in the host device (e.g., a smartphone) is forcibly copied to the wearable device (e.g., a smart watch) due to pairing while the wearable device is usually less a.ended. To the best of knowledge, there is no previous work that manipulates how sensitive data is transfused even without user's consent and how users perceive and behave regarding such a phenomenon for smart watches. We tackle this problem by conducting an experimental study of data extraction from commodity devices, such as in Android Wear, watchOS, and Tizen platforms, and a following survey study with 205 smart watch users, in two folds. .e experimental studies have shown that a large amount of sensitive data was transfused, but there was not enough user noti.cation. .e survey results have shown that users have lower perception on smart watches for security and privacy than smartphones, but they tend to set the same passcode on both devices when needed. Based on the results, we perform risk assessment and discuss possible mitigation that involves volatile transfusion.",
author = "Youngjoo Lee and Yang, {Won Seok} and Taekyoung Kwon",
year = "2017",
month = "10",
day = "30",
doi = "10.1145/3133956.3138831",
language = "English",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery",
pages = "2527--2529",
booktitle = "CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security",

}

Lee, Y, Yang, WS & Kwon, T 2017, Poster:Watch out your smartwatch when paired. in CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, pp. 2527-2529, 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, United States, 17/10/30. https://doi.org/10.1145/3133956.3138831

Poster:Watch out your smartwatch when paired. / Lee, Youngjoo; Yang, Won Seok; Kwon, Taekyoung.

CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2017. p. 2527-2529 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Poster:Watch out your smartwatch when paired

AU - Lee, Youngjoo

AU - Yang, Won Seok

AU - Kwon, Taekyoung

PY - 2017/10/30

Y1 - 2017/10/30

N2 - We coin a new term called data transfusion as a phenomenon that a user experiences when pairing a wearable device with the host device. A large amount of data stored in the host device (e.g., a smartphone) is forcibly copied to the wearable device (e.g., a smart watch) due to pairing while the wearable device is usually less a.ended. To the best of knowledge, there is no previous work that manipulates how sensitive data is transfused even without user's consent and how users perceive and behave regarding such a phenomenon for smart watches. We tackle this problem by conducting an experimental study of data extraction from commodity devices, such as in Android Wear, watchOS, and Tizen platforms, and a following survey study with 205 smart watch users, in two folds. .e experimental studies have shown that a large amount of sensitive data was transfused, but there was not enough user noti.cation. .e survey results have shown that users have lower perception on smart watches for security and privacy than smartphones, but they tend to set the same passcode on both devices when needed. Based on the results, we perform risk assessment and discuss possible mitigation that involves volatile transfusion.

AB - We coin a new term called data transfusion as a phenomenon that a user experiences when pairing a wearable device with the host device. A large amount of data stored in the host device (e.g., a smartphone) is forcibly copied to the wearable device (e.g., a smart watch) due to pairing while the wearable device is usually less a.ended. To the best of knowledge, there is no previous work that manipulates how sensitive data is transfused even without user's consent and how users perceive and behave regarding such a phenomenon for smart watches. We tackle this problem by conducting an experimental study of data extraction from commodity devices, such as in Android Wear, watchOS, and Tizen platforms, and a following survey study with 205 smart watch users, in two folds. .e experimental studies have shown that a large amount of sensitive data was transfused, but there was not enough user noti.cation. .e survey results have shown that users have lower perception on smart watches for security and privacy than smartphones, but they tend to set the same passcode on both devices when needed. Based on the results, we perform risk assessment and discuss possible mitigation that involves volatile transfusion.

UR - http://www.scopus.com/inward/record.url?scp=85041448091&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85041448091&partnerID=8YFLogxK

U2 - 10.1145/3133956.3138831

DO - 10.1145/3133956.3138831

M3 - Conference contribution

AN - SCOPUS:85041448091

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 2527

EP - 2529

BT - CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery

ER -

Lee Y, Yang WS, Kwon T. Poster:Watch out your smartwatch when paired. In CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery. 2017. p. 2527-2529. (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/3133956.3138831