Privacy Preserving Threat Hunting in Smart Home Environments
The recent proliferation of smart home environments offers new and transformative circumstances for various domains with a commitment to enhancing the quality of life and experience. Most of these environments combine different gadgets offered by multiple stakeholders in a dynamic and decentralized manner, which in turn presents new challenges from the perspective of digital investigation. In addition, a plentiful amount of data records got generated because of the day to day interactions between these gadgets and homeowners, which poses difficulty in managing and analyzing such data. The analysts should endorse new digital investigation approaches to tackle the current limitations in traditional approaches when used in these environments. The digital evidence in such environments can be found inside the records of logfiles that store the historical events occurred inside the smart home. Threat hunting can leverage the collective nature of these gadgets to gain deeper insights into the best way for responding to new threats, which in turn can be valuable in reducing the impact of breaches. Nevertheless, this approach depends mainly on the readiness of smart homeowners to share their own personal usage logs that have been extracted from their smart home environments. However, they might disincline to employ such service due to the sensitive nature of the information logged by their personal gateways. In this paper, we presented an approach to enable smart homeowners to share their usage logs in a privacy preserving manner. A distributed threat hunting approach has been developed to permit the composition of diverse threat classes without revealing the logged records to other involved parties. Furthermore, a scenario was proposed to depict a proactive threat Intelligence sharing for the detection of potential threats in smart home environments with some experimental results.