Abstract
Robot vacuum cleaners have become increasingly popular and are widely used in various smart environments. To improve user convenience, manufacturers also introduced smartphone applications that enable users to customize cleaning settings or access information about their robot vacuum cleaners. While this integration enhances the interaction between users and their robot vacuum cleaners, it results in potential privacy concerns because users’ personal information may be exposed. To address these concerns, end-to-end encryption is implemented between the application, cloud service, and robot vacuum cleaners to secure the exchanged information. Nevertheless, network header metadata remains unencrypted and it is still vulnerable to network eavesdropping. In this paper, we investigate the potential risk of private information exposure through such metadata. A popular robot vacuum cleaner was deployed in a real smart environment where passive network eavesdropping was conducted during several selected cleaning events. Our extensive analysis, based on Association Rule Learning, demonstrates that it is feasible to identify certain events using only the captured Internet traffic metadata, thereby potentially exposing private user information and raising privacy concerns.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Customer reviews on iRobot Roomba i7. https://www.amazon.com/iRobot-Roomba-7150-Wi-Fi-Connected/product-reviews/B07GNRGDKP. Accessed 31 Jul 2024
Wireshark. https://www.wireshark.org/. Accessed 31 Jul 2024
Acar, A., et al.: Peek-a-boo: i see your smart home activities, even encrypted! In: Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 207–218 (2020)
Agrawal, R., Imieliński, T., Swami, A.: Mining association rules between sets of items in large databases. In: Proceedings of the 1993 ACM SIGMOD International Conference on Management of Data, pp. 207–216 (1993)
Alferidah, D.K., Jhanjhi, N.: A review on security and privacy issues and challenges in internet of things. Int. J. Comput. Sci. Netw. Secur. IJCSNS 20(4), 263–286 (2020)
Alyami, M., Alharbi, I., Zou, C., Solihin, Y., Ackerman, K.: WiFi-based IoT devices profiling attack based on eavesdropping of encrypted WiFi traffic. In: 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC), pp. 385–392. IEEE (2022)
Beale, J., Orebaugh, A., Ramirez, G.: Wireshark & Ethereal network protocol analyzer toolkit. Elsevier (2006)
BESTBUY: Customer Ratings & Reviews on iRobot Roomba i7 (2024). https://www.bestbuy.com/site/reviews/irobot-roomba-i7-wi-fi-connected-robot-vacuum-charcoal/6280530. Accessed 31 Jul 2024
Dachyar, M., Zagloel, T.Y.M., Saragih, L.R.: Knowledge growth and development: Internet of Things (IoT) research, 2006–2018. Heliyon 5(8) (2019)
Dahlberg Sundström, T., Nilsson, J.: Ethical hacking of a premium robot vacuum: Penetration testing of the Roborock S7 robot vacuum cleaner (2022)
Goods, C.: Robotic vacuum cleaner market size, share & trends analysis report by type (floor vacuum cleaner, pool vacuum cleaner), by application (residential, commercial, industrial), by distribution channel, by region, and segment forecasts, 2022 - 2030 (2021). https://www.grandviewresearch.com/industry-analysis/robotic-vacuum-cleaner-market. Accessed 31 Jul 2024
Gu, T., Fang, Z., Abhishek, A., Mohapatra, P.: IoTSpy: uncovering human privacy leakage in IoT networks via mining wireless context. In: 2020 IEEE 31st Annual International Symposium on Personal, Indoor and Mobile Radio Communications, pp. 1–7. IEEE (2020)
Hancock, S.A.: The iRobot Roomba i7 is the latest iteration in the always dependable roomba line. find out what makes it such an indispensable addition to your arsenal of labor-saving devices in our 2023 review! (2023). https://cleanup.expert/irobot-roomba-i7/. Accessed 31 Jul 2024
Lee, M.C., Lin, J.C., Owe, O.: PDS: deduce elder privacy from smart homes. Internet Things 7, 100072 (2019)
Ludlow, D.: iRobot Roomba i7 reviews (2021). https://www.trustedreviews.com/reviews/irobot-roomba-i7. Accessed 31 Jul 2024
Rescorla, E.: The transport layer security (TLS) protocol version 1.3. Tech. rep. (2018)
Sami, S., Dai, Y., Tan, S.R.X., Roy, N., Han, J.: Spying with your robot vacuum cleaner: eavesdropping via lidar sensors. In: Proceedings of the 18th Conference on Embedded Networked Sensor Systems, pp. 354–367 (2020)
Swessi, D., Idoudi, H.: A survey on Internet-of-Things security: threats and emerging countermeasures. Wireless Pers. Commun. 124(2), 1557–1592 (2022)
Ullrich, F., Classen, J., Eger, J., Hollick, M.: Vacuums in the cloud: analyzing security in a hardened IoT ecosystem. In: 13th USENIX Workshop on Offensive Technologies (WOOT 19) (2019)
Acknowledgments
The authors want to thank the anonymous reviewers for their reviews and valuable suggestions to this paper. This work has received funding from the Research Council of Norway through the SFI Norwegian Centre for Cybersecurity in Critical Sectors (NORCICS) project no. 310105.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2025 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ulsmåg, B., Lin, JC., Lee, MC. (2025). Investigating the Privacy Risk of Using Robot Vacuum Cleaners in Smart Environments. In: Katsikas, S., Xenakis, C., Kalloniatis, C., Lambrinoudakis, C. (eds) Information and Communications Security. ICICS 2024. Lecture Notes in Computer Science, vol 15056. Springer, Singapore. https://doi.org/10.1007/978-981-97-8798-2_16
Download citation
DOI: https://doi.org/10.1007/978-981-97-8798-2_16
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-8797-5
Online ISBN: 978-981-97-8798-2
eBook Packages: Computer ScienceComputer Science (R0)