Abstract

This paper investigates the security and privacy of Internet-connected children's smart toys through case studies of three commercially-available products. We conduct network and application vulnerability analyses of each toy using static and dynamic analysis techniques, including application binary decompilation and network monitoring. We discover several publicly undisclosed vulnerabilities that violate the Children's Online Privacy Protection Rule (COPPA) as well as the toys' individual privacy policies. These vulnerabilities, especially security flaws in network communications with first-party servers, are indicative of a disconnect between many IoT toy developers and security and privacy best practices despite increased attention to Internet-connected toy hacking risks.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Best of the Web: Just for Kids
Jennifer P D'Auria
Journal of Pediatric Health Care | VOL. 24
Jennifer P D'AuriaJennifer P D'Auria
23 Jun 2010
POCKET: A tool for protecting children's privacy online
Jung-Min Park ... France Bélanger
Decision Support Systems | VOL. 54
Jung-Min Park, et. al.Jung-Min Park ... France Bélanger
19 Nov 2012
Children Privacy Identification System in LINE Chatbot for Smart Toys
Patrick C.K Hung ... Benjamin Yankson
-
Patrick C.K Hung, et. al.Patrick C.K Hung ... Benjamin Yankson
01 Jul 2019
Comparative Study of Children’s Personal Data Protection Regulation on COPPA (Children’s Online Privacy Protection Act) and Children and GDPR
Hidayatun Nafi'Ah ... Athifah Nur Hasna
Khazanah: Jurnal Mahasiswa | VOL. 12
Hidayatun Nafi'Ah, et. al.Hidayatun Nafi'Ah ... Athifah Nur Hasna
13 Dec 2020
View more papers

More From: IEEE Internet of Things Journal

Paper Title
Journal
Date
Author
Deep-Reinforcement-Learning-Based Computation Offloading in UAV-Assisted Vehicular Edge Computing Networks
Junjie Yan ... Xiaohui Zhao
IEEE Internet of Things Journal | VOL. 11
Junjie Yan, et. al.Junjie Yan ... Xiaohui Zhao
01 Jun 2024
A Stackelberg-Game-Based Framework for Edge Pricing and Resource Allocation in Mobile Edge Computing
Siyao Cheng ... Jiayan Huang
IEEE Internet of Things Journal | VOL. 11
Siyao Cheng, et. al.Siyao Cheng ... Jiayan Huang
01 Jun 2024
IEEE Internet of Things Journal Information for Authors
-
IEEE Internet of Things Journal | VOL. -
--
01 Jun 2024
Analysis of a Mixed Multiuser Underwater Acoustic Communication/Free Space Optical Heterogeneous Relaying System
Sai Li ... Liang Yang
IEEE Internet of Things Journal | VOL. 11
Sai Li, et. al.Sai Li ... Liang Yang
01 Jun 2024
View more papers