Internet of Things (IoT) platforms enable users to deploy home automation
applications. Meanwhile, privacy issues arise as large amounts of sensitive
device data flow out to IoT platforms. Most of the data flowing out to a
platform do not actually trigger automation actions, yet homeowners currently
have no control once devices are bound to the platform. We present PFirewall, a
customizable data-flow control system to enhance the privacy of IoT platform
users. PFirewall automatically generates data-minimization policies, which
disclose only the minimum amount of data needed to fulfill automation. In addition, PFirewall
provides interfaces for homeowners to customize individual privacy preferences
by defining user-specified policies. To enforce these policies, PFirewall
transparently intervenes in and mediates the communication between IoT devices and
the platform, without modifying the platform, IoT devices, or hub. Evaluation
results on four real-world testbeds show that PFirewall reduces IoT data sent
to the platform by 97% without impairing home automation, and effectively
mitigates user-activity inference/tracking attacks and other privacy risks.

