Mon(IoT | ito)r Research Group

Welcome to the Mon(IoT)r Research Group at Northeastern University.

Our research Contact us

Our Mission

The goal of the Mon(IoT)r research group is to provide awareness of the privacy implications of Internet of Things devices, and ultimately produce a means to inform users about what information they share.

What we do

177 Huntington

The key research questions we are investigating in the Mon(IoT)r research group are:

  • What personally identifiable information (PII) is being leaked, intentionally or otherwise, from IoT devices?
  • What can we do to mitigate privacy risks beyond simply encrypting, modifying, or blocking PII?

Our methodology entails recording and analyzing all network traffic generated by a variety of IoT devices that we have acquired. We not only inspect traffic for PII in plaintext, but attempt to man-in-the-middle SSL connections to understand the contents of encrypted flows. Our analysis allows us to uncover how IoT devices are currently protecting users’ PII, and determine how easy or difficult it is to mount attacks against user privacy.

The Mon(IoT)r Lab

iotlab-177

The Mon(IoT)r Lab is a first-of-its-kind IoT “living lab” for measuring IoT device network leakage. The lab consists of a studio apartment that encloses a space replete with smart devices. Specifically, all of the IoT devices in the lab are configured to use a router instrumented with packet-recording software. We use this lab to conduct controlled experiments, to observe IoT behavior in uncontrolled experiments (through its use by consenting researchers in the research group), and to provide demonstrations of security and privacy research.

Getting involved
There are two ways to get involved in the lab activities:

  1. Enroll in our IRB-approved research study with no minimum commitment
  2. Join any of our research opportunities for students

SPHERE IoT Enclave

White Horizontal

The SPHERE IoT Enclave is a remotely accessible research infrastructure for large-scale experimentation on physical consumer IoT devices. Developed as part of the broader SPHERE project in collaboration with the University of Southern California Information Sciences Institute (USC ISI) and the University of Utah, the enclave enables researchers to remotely interact with real off-the-shelf smart-home devices as if they physically owned them.

The enclave currently includes hundreds of Internet-connected consumer devices spanning smart TVs, smart speakers, cameras, smart-home devices, and more, with the infrastructure expected to scale to approximately 500 IoT devices by the end of 2027.

Learn more about the SPHERE IoT Enclave →

Latest Research

Voice Assistants Profiling (PETS ’25)

Voice Assistants Profiling (PETS ’25)

Echoes of Privacy.   Uncovering the Profiling Practices of Voice Assistants   Tina Khezresmaeilzadeh (University of Southern California), Elaine Zhu (Northeastern University), Kiersten Grieco (Northeastern University), Daniel J. Dubois (Northeastern …

IoT-IPv6 (IMC ’24)

IoT-IPv6 (IMC ’24)

Paper accepted at IMC ’24.   IoT Bricks Over v6: Understanding IPv6 Usage in Smart Homes   Tianrui Hu (Northeastern University), Daniel J. Dubois (Northeastern University), David Choffnes (Northeastern University) …

Alexa Echos (IMC ’23)

Alexa Echos (IMC ’23)

Best paper award at IMC ’23 Tracking, Profiling, and Ad Targeting in the Alexa Echo Smart Speaker Ecosystem   Umar Iqbal (University of California, Davis), Pouneh Nikkhah Bahrami (University of …

IoT Local (IMC ’23)

IoT Local (IMC ’23)

Paper accepted at IMC ’23.   In the Room Where It Happens: Characterizing Local Communication and Threats in Smart Homes   Aniketh Girish (IMDEA Networks / Universidad Carlos III de …

The Team

Prof. David Choffnes
David Choffnes is a Professor in the Khoury College of Computer Sciences at Northeastern University and Executive Director of the Cybersecurity and Privacy Institute.
Dr. Daniel J. Dubois
Daniel J. Dubois is a Senior Research Scientist in the Khoury College of Computer Sciences at Northeastern University.

Contact us


How to get in touch
Are you interested in getting in touch or to start a collaboration? Feel free to send an email to moniotr@ccs.neu.edu.
Where we are
177 Huntington
Acknowledgment
This lab and its activities were partially supported by: NSF (CNS-1955227 ProperData, CNS-1909020 BehavIoT, CNS-2330066 SPHERE) Consumer Reports Digital Lab DHS S&T (FA8750-17-2-0145 Revealing and Controlling Privacy Leaks in Network Traffic)