A Secure Smart Home using Internet-of-Things
Jabir Muhammad Ibrahim Amin Karami
Department of Compute Science & Department of Compute Science &
Informatics, Docklands Campus Informatics, Docklands Campus
University of East London (UEL) University of East London (UEL)
E16 2RD, London, UK E16 2RD, London, UK
u0750623@uel.ac.uk +44 208223 3347
a.karami@uel.ac.uk
ABSTRACT
Internet-of-Things (IoT) has recently been the biggest innovation,
which promises to enhance our daily life and activities through
intelligent sensors and smart devices working together. With
Internet protocol connectivity, these devices can be connected to
the Internet which allow users to control, read and manage them
from anywhere at any given time. As security is one of the main
concerns in IoT, this work proposes and implements a secure IoT
framework using TLS/SSL protocol. To develop the proposed
framework, we have programmed the sensors through Arduino
board and uploaded the sensory data into the cloud storage for
accessing to the connected devices in a smart home. The
experimental results show the outcome of the online monitoring
and analysis of sensory data remotely stored in the cloud.
CCS Concepts
• Computer engineering and network technology
Keywords
Internet-of-Things (IoT); Smart Home; Sensor; Arduino; Cloud
Storage; Secure Connection, TLS/SSL
1. INTRODUCTION
One cutting-edge vision of connected devices at home is a full of
smart gadgets that anticipate our needs, monitor remotely
incidents, keep us healthy, and save us money is slowly taking
shape [1]. Smart home is an ambiguous term used in referring to
applications or devices for controlling, observing and automating
day to day functions at home [2]. A smart home is an information
and communication-technology term for organized technologies
in a home where the components communicate through a local
network [3, 4]. The programmed alarms, programmed doors and
windows, entertainment units, heating systems, motion light
sensors, while all these inventions are nothing new, but the
centralized communication between these devices is the smart
aspect and the possibility of generating automatic action [3].
Although smart home or home automation started as early as 1998
Permission to make digital or hard copies of all or part of this work for
personal or classroom use is granted without fee provided that copies are
not made or distributed for profit or commercial advantage and that
copies bear this notice and the full citation on the first page. Copyrights
for components of this work owned by others than ACM must be
honored. Abstracting with credit is permitted. To copy otherwise, or
republish, to post on servers or to redistribute to lists, requires prior
specific permission and/or a fee. Request permissions from
Permissions@acm.org.
ICIME 2017, October 9–11, 2017, Barcelona, Spain
© 2017 Association for Computing Machinery.
ACM ISBN 978-1-4503-5337-3/17/10…$15.00
DOI: https://doi.org/10.1145/3149572.3149577
69
Fahimeh Jafari
Department of Compute Science &
Informatics, Docklands Campus
University of East London (UEL)
E16 2RD, London, UK
+44 208223 7791
f.jafari@uel.ac.uk
to early 2000, but the last 4-5 years has seen enormous growth in
the smart home industry with new technology coming in. The
development of the Internet-of-Things (IoT) has led to enormous
IoT applications such as intelligent transport systems, smart
shopping systems, and smart home systems [5]. Smart home
applications have considerably gotten more attention because of
their closeness to people’s lives and comfortability. For instance, a
washing machine (i.e., things or remote devices) can be easily
connected to Internet and remotely controlled. To make it easier
for almost all the home appliances for creating and developing a
smart home, IoT has been integrated with Cloud computing
platforms as the basis of future technologies, creating a smart
world [6].
The past five years to present, home appliance providers and
manufacturers are widening the knowledge of IoT by producing
more smart devices for homes that makes a smart home. In a
smart home, heterogeneous devices are remotely controlled
through smart phones or the web without distance and human
restrictions. These devices that make up the smart home have the
possibility of sharing data within themselves with the aid of
Internet connection. However, the existing architectures and
frameworks pay less attention to the important system design
issue as cloud-based IoT connectivity through a secure channel for
online monitoring and analysis. An efficient and effective security
mechanism is required to secure data against attacks such as
spoofing and eavesdropping [7, 8]. An important question is how
to increase the speed and the agility of secure and online access to
massive data captured from sensors for end user(s)? The main
contribution of this work is fourfold: (a) successfully connect
home sensors to Arduino board (b) program the sensors to capture
data (c) send sensory data to the cloud over the Internet through a
secured mechanism using the TLS/SSL (a cryptographic protocol
for secure communication) (d) and the captured data will be used
for data analysis for future usage. The proposed framework allows
users to securely access to the cloud and make online data
monitoring and analysis. End users will be able to employ data
analysis platform such as MATLAB simultaneously for real-time
data analysis purposes.
The rest of the paper is organized as follows. Section 2 provides
the background about IoT and cloud storages. Section 3 discusses
the related work on IoT and some of existing issues. Section 4
explains the proposed framework. Section 5 presents experimental
results. Finally, conclusion is given in Section 6.
2. BACKGROUND
2.1. IoT: an emerging approach
The Internet-of-Things is a developing topic with special and
critical point in technical, social and economic aspect. The IoT
devices are connected to provide big data analytics that guarantee
to change the way we live. The projections for the effect of IoT on
the Internet and economy are looking great, with Gartner
suggesting a possible 21 billion devices by 2020 [9]. Internet-of-
Things is a generally used term for set of systems, design
techniques and technologies, which are the developing approach
of Internet-connected things that are based on the physical
environment. The whole idea behind Internet-of-Things is the
devices that we use in our daily life embedded with identifiers and
wireless Internet connectivity where these devices will
communicate with each other and be managed by a central unit. In
a nutshell, Internet-of-Things is generally situations where devices,
sensors are provided with network connectivity and computing
ability to consume, generate and exchange data and communicate
with minimal human intervention [10]. The idea behind IoT is a
great topic at the moment but it is not a new concept. IoT is a
world of devices with sensors connected together to capture and
also share data through specific platforms, the sensor data can
provide business and knowledge insights that were not available.
The Internet-of-Things is about the technology, obscure
monitoring and control of the sensors also where the technology
can be applied in the todays’ world. The view of connecting
sensors and other devices to the ICT system through the wired or
wireless networks can be applied in many aspects of the world
like the ecosystem, health sector, home, and cities which in turn
make this known as smart health system, smart home or smart
cites. There are potential positivity and advantages you can take
away from current smart home applications, but they still have
some weaknesses, which can be exploited, among them can be
privacy and security, authentication and traffic encryption. With
smart home technology, the central controlled unit is mostly on a
mobile app that connects to a cloud-based server and the concern
here is if you can control your smart home devices using the
Internet then there are chances that someone else can control and
have access to them as well as a result of weak authentication
system. Most of the mobile applications where smart home
devices are controlled from do not use a secure connection for
data transfer to the cloud this research will aim to address one of
these weaknesses.
2.2. Cloud Computing
Cloud computing has been defined in many ways over the years
by different scholars and organizations. Griffith (2016) defines
cloud computing as the general process of storing data, storing
programs, accessing the data and programs over the Internet
instead of the computer’s hard drive. Cloud computing is just the
oppose way of local computing where you store data and access
programs from the local computer hard drive. The National
Institute for Standards and Technology (NIST) came up with the
definition of cloud computing that is widely accepted and used in
the United States government and also in the industry as a model
that enables omnipresent and convenient and on demand network
access to computers that share the same computing resources like
storage, networks, servers, which can be made available quickly
with minimal management or consumer effort or service provider
interference [12]. IBM which is one the biggest cloud computing
service providers defines cloud computing as the process of
delivering on demand computer resources from data centers to
computer applications over the Internet. For anything to be
considered as cloud computing, the data and programs need to be
accessed over the Internet, i.e. the cloud or in some cases have the
data synched with other information over the web. The examples
of cloud computing applications are Microsoft OneDrive, Apple
70
iCloud, Amazon Cloud drive, Google Drive, and hybrid services
like Box, Dropbox and SugarSync. The cloud-computing feature
in this paper comes with the use of ThingSpeak platform, which
has a cloud-based architecture. ThingSpeak is the open IoT
platform with data analytics powered by MATLAB in order to
analyse captured data in real-time, while none of above-mentioned
services have these advantages.
3. RELATED WORK
Skouby and Lynggard [13] proposed a futuristic model that
connects smart cities, smart home and IoTs into one large
infrastructure. The proposed model has four main layers that join
and interface the smart city, smart home and IoT elements by
deploying fifth generation (5G), IoTs, cloud of things and
distributed artificial intelligence. The proposed system uses 5G
technology which is not ready to be used in the industry now and
anytime soon. Recent unfortunate situation made the industry and
academia in general more interested and willing to look deeper in
general IoT development and security. Keoh et al. [14] made
efforts in showing overview of IoT security solutions that will
make devices communicate with each other in a secured manner.
The solution, which as was first proposed by the Internet
Engineering Task Force (IETF), in order to regulate security
solutions in for IoT ecosystems, the IETF, proposed the use of
Constrained Application Protocol (CoAP). The authors went
further to examine datagram transport layer security, which by
default is bound to CoAP. Through their performance evaluation
and analysis, they were able to produce a lightweight Datagram
Transport Layer Security (DTLS) that provide a more security
function for IoT devices as well as analysing IETF proposed
compression scheme to reduce message fragmentation issues in
DTLS. Moreover, there were weaknesses in which they figure out
from device bootstrapping, authorization, key management, and
privacy in IoT in general. Yeh [15] introduced an IoT-based
healthcare system that functions with a body sensor architecture,
with the aid of a vigorous crypto primitives a two-way
communication mechanism was developed to ensure system
efficiency is attained as well as secured transmission between the
IT devices is maintained. The communication mechanism
proposed by Yeh [15] involves two communication channels,
which are communication from the sensors to local processing
unit i.e. the intelligent device, and communication from local
processing unit to BSN server. The author was able to point out
security issues within communication channel, however
communications between devices and data transmissions are not
all secured which can lead to data eavesdropping and spoofing.
Chakravorty et al. [16] proposed a data security and privacy
approach for data analytics for smart homes. They applied a
separate hashed identifier dictionary storage, using an heuristic-
based k-anonymization algorithm for authorization of identifiers.
This method is not IoT-based and adds an additional
computational costs into the system for mitigating security issues.
4. PROPOSED FRAMEWORK
The proposed framework compromises of heterogeneous sensors
i.e. temperature sensors, flame sensors, sound sensors, raindrops
sensor and human body induction sensor, which will be connected
and programmed with Arduino Yun board to send the data to
cloud. Table 1 illustrates a summary of used sensors.
Figure 1 shows the deployment of a secure IoT-based smart home
framework which collects all the real-time captured sensory data
into ThingSpeak cloud platform for two main reasons: real-time
monitoring and data analysis timely and securely. After setting up
sensors with Arduino board, they are connected (wireless or wire
channel) securely using TLS/SSL protocol to the ThingSpeak
platform. Simultaneously, end users can connect to the
ThingSpeak for real-time accessing to sensory data and analyse
data securely through TLS/SSL protocol. TLS/SSL establishes a
strong encrypted session between source and destination so that
the encrypted data can only be read and understood by the
intended parties. In this work, the sources and the destinations are
between Arduino board and ThingSpeak, and between
ThingSpeak and end user(s). Algorithm 1 shows the incorporated
TLS/SSL protocol into the proposed system design through
Arduino board.
Figure 1. Proposed Framework

Table 1. A summary of sensors #include <SPI.h>

#include <WiFi101.h> // load SSL certificate
Sensor Prototype Function char ssid[] = "yourNetwork"; // network SSID
Using microphone char pass[] = "Password"; // network password
and processing int status = WL_IDLE_STATUS;
Sound circuit to provide char server[] = "www.thingspeak.com";
WiFiClient client; // Initialize the Wi-Fi client library
output when it
void setup() {
detect a sound Serial.begin(9600); //Initialize serial and wait for port to open:
Measuring the // check for the presence of the shield:
temperature and if (WiFi.status() == WL_NO_SHIELD) {
humidity level of Serial.println("Wi-Fi shield is not available");
Temperature while (true); } // don't continue
an area with help
and Humidity // attempt to connect to Wi-Fi network:
of capacitive
humidity sensor while (status != WL_CONNECTED) {
Serial.print("Attempting to connect to SSID …");
and a thermistor Serial.println(ssid);
// Connect to WPA/WPA2 network
status = WiFi.begin(ssid, pass);
delay(10000); } // wait 10 seconds for connection
Detecting body
Serial.println("Connected to Wi-Fi");
Sound movement in Serial.println("\n Starting connection to server ...");
surroundings // if you get a connection, report back via serial port:
if (client.connectSSL(server, 443)) {
Serial.println("Connected successfully to server");
// Make a HTTP request:
client.println("GET /asciilogo.txt HTTP/1.1");
Detecting water client.println("Connection: close");
beyond what a client.println();
Sound Serial.println("Request sent"); } }
humidity sensor void loop() {
can detect // if there are incoming bytes available from server:
while (client.available()) {
char c = client.read();
Serial.write(c);
Detecting short- }
Sound
range fire // if the server's disconnected, stop the client:
if (!client.connected()) {
Serial.println();
Serial.println("Disconnecting from server.");
client.stop();
while (true); } } // don't continue
Algorithm 1. TLS/SSL connection through Arduino board

5. EXPERIMENTAL RESULTS
This section presents the output from some of sensors, sending
securely data into ThingSpeak cloud platform. End users can log
in into cloud and analyse the sensory data at real-time. For
instance, Figure 2 shows a temporal sensory data from sound

71
sensor that captures movement at home. As seen, there is no
movement because there is nobody at home. As soon as anyone
moves (i.e., an unauthorized access to a room or stealing), the
sensor captures new pattern of data and send them to cloud.
Figure 3 shows these temporal results when there is human
movement.
Figures 4 and 5 show flame detection in a certain area at home.
Figure 4 gives a visualized information to end user that there is no
flame and user can learn the pattern of safe condition. In contrast,
Figure 5 gives a visualized information about flame detection and
its pattern. End user is easily able to access remotely to home for
safety monitoring and react against events timely.
Figure 5. Flame detection, when there is flame

Another visualization result depicts in Figures 6 and 7, where the

end user can see intuitively the temperature and humidity of the
home in different time slots. These visualization techniques enable
end user(s) to understand a greater amount of data captured from
the home in a shorter time. Visualization strategies provide
several advantages, mainly merging huge amount of data into
simple and effective graphs and providing easy-to-understand
analysis format [17, 18]. Consequently, end user(s) can
simultaneously apply the most productive software environment
and high-performance platforms, such as MATLAB for technical
Figure 2. Sensing human movement, when there is no computing and analysis over captured sensory data for further
movement actions when a certain threshold in each sensor is met.

Figure 6. Temperature and Humidity (timespan 1)

Figure 3. Sensing human movement, when there is movement

Figure 7. Temperature and Humidity (timespan 2)

The proposed prototype system design includes some useful

features, e.g., easy programming boards, secure connections, and
cloud-based storage for sensory data that supports end users for
online data analysis. End users can apply data analytics tools for
modeling and visualizing data into knowledge. For instance,
Figure 4. Flame detection, when there is no flame
Figure 8 depicts the Q-Q plot programmed with end user to
investigate the difference between a distribution of temperature

72
and humidity data in the usual and the unusual circumstances,
where there is a high fluctuation. As seen in Figure 8, the plot is
not a straight line, suggesting that the lifetime data for a sample of
sensed data during a timestamp does not follow a normal
distribution. Thus, end users need to make a decision regarding to
this gained knowledge.
Figure 8. Q-Q plot of temperature and humidity sensory data
Figures 9 and 10 demonstrate another analysis of sensory data in
real-time through ThingSpeak platform. According to these
figures, end user can interpret the captured raw data by regression
and histogram functions to be able to convert data into insights for
further actions. For instance, if there is no significant correlation
between different timestamps of captured data within a human
movement into a room, end user may conclude that there is an
intruder or unauthorized entrance to a private room. An accurate
analysis for distinguishing normal and abnormal data patterns is
needed as future work. Finally, to ensure we are sending a secure
data through TLS/SSL protocol, Wireshark network protocol
analyser is used to see what is happening within a secure channel.
Figure 11 shows a sample of travelled data securely.
Figure 9. The regression of sensed data for human movement
73
Figure 10. The histogram of sensed data for human movement
Figure 11. Encrypted data using TLS protocol
6. CONCLUSION AND FUTURE WORK
The proposed IoT framework for smart home integrates
heterogeneous devices that send secure data to the cloud. The
framework consists of several sensors, micro-controller (Arduino
board) and ThingSpeak as the cloud storage. This framework
addressed data security issue by using TLS/SSL protocol for
eliminating spoofing attack and data eavesdropping. This work
can be further extended to provide analysis from the captured data
and proposed action plan when a certain threshold in each sensor
is met. Moreover, another future contribution would be enabling
user interaction with the IoT-based smart home through applying
computational intelligence disciplines for revealing more details.
7. REFERENCES
[1] Pretz, K. 2015. IEEE Provides the Keys to a Smarter Home.
Available at http://theinstitute.ieee.org/technology-
topics/smart-technology/ieee-provides-the-keys-to-a-smarter-
home. Accessed on 27-05-2017.
[2] Kurkinen, K. 2015. Smart Homes and Home Automation.
M2M Research Series. Available at
https://ec.europa.eu/research/innovation-union/pdf/active-
healthy-ageing/berg_smart_homes.pdf. Accessed on 27-05-
2017.
[3] Laberg, T. 2005. Smart Home Technology; Technology
supporting independent living - does it have an impact on
health? Technical Report. Ehealthresearch Noeway.
[4] Krishna, M. B., and Verma, A. 2016. A framework of smart
homes connected devices using Internet of Things. 2nd
International Conference on Contemporary Computing and
Informatics (IC3I), Noida. pp. 810-815.
[5] Song, T., Li, R., Mei, B., Yu, J., Xing, X., and Cheng, X.
2017. A Privacy Preserving Communication Protocol for IoT
Applications in Smart Homes. IEEE Internet of Things
Journal, vol. PP, no.99.
[6] Josyula, S. K., and Gupta, D. 2016. Internet of things and
cloud interoperability application based on Android. IEEE
International Conference on Advances in Computer
Applications (ICACA), Coimbatore, pp. 76-81.
[7] Karami, A. and Guerrero-Zapata, M. 2015. A fuzzy anomaly
detection system based on hybrid PSO-Kmeans algorithm in
content-centric networks. Neurocomputing, Volume 149,
Part C, pp. 1253-1269.
[8] Karami, A., and Guerrero-Zapata M. 2015. An anfis-based
cache replacement method for mitigating cache pollution
attacks in named data networking. Computer Networks,
Volume 80, pp. 51-65.
[9] Stamford (2015) Gartner Says 6.4 Billion Connected
"Things" Will Be in Use in 2016, Up 30 Percent From 2015.
Available at: http://www.gartner.com/newsroom/id/3165317.
[10] Rose, K., Eldridge S., and Chapin L. 2015. The Internet of
Things: An Overview - Understanding the Issues and
Challenges of a More Connected World. The Internet Society.
[11] McFedries, P. 2012. Cloud computing: beyond the hype. San
Francisco.
[12] Mell, P. and Grance T. 2011. The NIST Definition of Cloud
Computing. NIST Special Publication 800-145. Gaithersburg.
74
[13] Skouby, K. E. and Lynggaard, P. 2014. Smart home and
smart city solutions enabled by 5G, IoT, AAI and CoT
services. IEEE International Conference on Contemporary
Computing and Informatics (IC3I), pp. 874-878.
[14] Keoh, S. L., Kumar, S. S., and Tschofenig, H. 2014. Securing
the Internet-of-Things: A standardization perspective. IEEE
Internet-of-Things Journal, 1(3), pp. 265-275.
[15] Yeh, K. H. 2016. A Secure IoT-Based Healthcare System
With Body Sensor Networks. IEEE Access, vol. 4, pp. 10288-
10299.
[16] Chakravorty, A., Wlodarczyk, T., and Rong, Ch. 2013.
Privacy Preserving Data Analytics for Smart Homes. IEEE
Security and Privacy Workshops, pp. 23-27.
[17] Karami, A. 2015. A Framework for Uncertainty-Aware
Visual Analytics in Big Data. Third International Workshop
on Artificial Intelligence and Cognition (AIC), pp. 146-155.
[18] Karami, A. 2015. ACCPndn: adaptive congestion control
protocol in named data networking by learning capacities
using optimized time-lagged feedforward neural network.
Journal of Network and Computer Applications (JNCA),
Volume 56, pp. 1-18.