DOI: 10.1145/3374664.3375723

Attacking and Protecting Tunneled Traffic of Smart Home Devices

Published: 16 March 2020

Abstract

The number of smart home IoT (Internet of Things) devices has been growing fast in recent years. Along with the great benefits brought by smart home devices, new threats have appeared. One major threat to smart home users is the compromise of their privacy by traffic analysis (TA) attacks. Researchers have shown that TA attacks can be performed successfully on either plain or encrypted traffic to identify smart home devices and infer user activities. Tunneling traffic is a very strong countermeasure to existing TA attacks. However, in this work, we design a Signature based Tunneled Traffic Analysis (STTA) attack that can be effective even on tunneled traffic. Using a popular smart home traffic dataset, we demonstrate that our attack can achieve an 83% accuracy on identifying 14 smart home devices. We further design a simple defense mechanism based on adding uniform random noise to effectively protect against our TA attack without introducing too much overhead. We prove that our defense mechanism achieves approximate differential privacy.



Published In

CODASPY '20: Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy
March 2020
392 pages
ISBN:9781450371070
DOI:10.1145/3374664

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 March 2020

Author Tags

  1. attacks
  2. defenses
  3. differential privacy
  4. internet of things (iot)
  5. privacy
  6. smart homes
  7. traffic analysis (ta)

Qualifiers

  • Research-article

Funding Sources

  • NSF
  • Saudi Arabian Cultural Mission

Conference

CODASPY '20

Acceptance Rates

Overall Acceptance Rate 149 of 789 submissions, 19%

Cited By

  • (2024) Safeguarding User-Centric Privacy in Smart Homes. ACM Transactions on Internet Technology 24:4 (1-33). DOI: 10.1145/3701726. Online publication date: 18-Nov-2024
  • (2024) HomeSentinel: Intelligent Anti-Fingerprinting for IoT Traffic in Smart Homes. IEEE Transactions on Information Forensics and Security 19 (4780-4793). DOI: 10.1109/TIFS.2024.3382589. Online publication date: 2024
  • (2024) SAfER: Simplified Auto-encoder for (Anomalous) Event Recognition. 2024 20th International Conference on Distributed Computing in Smart Systems and the Internet of Things (DCOSS-IoT) (229-233). DOI: 10.1109/DCOSS-IoT61029.2024.00041. Online publication date: 29-Apr-2024
  • (2023) A Novel Traffic Obfuscation Technology for Smart Home. Electronics 12:16 (3477). DOI: 10.3390/electronics12163477. Online publication date: 17-Aug-2023
  • (2023) Encrypted Voice Traffic Fingerprinting: An Adaptive Network Traffic Feature Encoding Model. ICC 2023 - IEEE International Conference on Communications (3768-3773). DOI: 10.1109/ICC45041.2023.10279018. Online publication date: 28-May-2023
  • (2022) HomeMonitor: An Enhanced Device Event Detection Method for Smart Home Environment. Sensors 22:23 (9389). DOI: 10.3390/s22239389. Online publication date: 1-Dec-2022
  • (2022) Classification of Encrypted IoT Traffic despite Padding and Shaping. Proceedings of the 21st Workshop on Privacy in the Electronic Society (1-13). DOI: 10.1145/3559613.3563191. Online publication date: 7-Nov-2022
  • (2022) Network Traffic Shaping for Enhancing Privacy in IoT Systems. IEEE/ACM Transactions on Networking 30:3 (1162-1177). DOI: 10.1109/TNET.2021.3140174. Online publication date: 12-Jan-2022
  • (2022) A Survey of Traffic Obfuscation Technology for Smart Home. 2022 International Wireless Communications and Mobile Computing (IWCMC) (997-1002). DOI: 10.1109/IWCMC55113.2022.9825227. Online publication date: 30-May-2022
  • (2022) A Mapping Study on Privacy Attacks in Big Data and IoT. 2022 13th International Conference on Information and Communication Technology Convergence (ICTC) (1158-1163). DOI: 10.1109/ICTC55196.2022.9952824. Online publication date: 19-Oct-2022
