Your Smart Home Can't Keep a Secret: Towards Automated Fingerprinting of IoT Traffic with Neural Networks

The IoT (Internet of Things) technology has been widely adopted in recent years and has profoundly changed the people's daily lives. However, in the meantime, such a fast-growing technology has also introduced new privacy issues, which need to be better understood and measured. In this work, we look into how private information can be leaked from network traffic generated in the smart home network. Although researchers have proposed techniques to infer IoT device types or user behaviors under clean experiment setup, the effectiveness of such approaches become questionable in the complex but realistic network environment, where common techniques like Network Address and Port Translation (NAPT) and Virtual Private Network (VPN) are enabled. Traffic analysis using traditional methods (e.g., through classical machine-learning models) is much less effective under those settings, as the features picked manually are not distinctive any more. In this work, we propose a traffic analysis framework based on sequence-learning techniques like LSTM and leveraged the temporal relations between packets for the attack of device identification. We evaluated it under different environment settings (e.g., pure-IoT and noisy environment with multiple non-IoT devices). The results showed our framework was able to differentiate device types with a high accuracy. This result suggests IoT network communications pose prominent challenges to users' privacy, even when they are protected by encryption and morphed by the network gateway. As such, new privacy protection methods on IoT traffic need to be developed towards mitigating this new issue

Web Service Based News Portal

Providing web services for smart phones is the currently recent booming topic, this happened because the smart phones are used in almost every area, where today’s user uses it for mobile banking, emailing, searching location and data. Smart phones are advanced in terms of processing power, memory, an embedded camera, sensors and same time parallel advancement in wireless network and software web technologies. This project will direct our work in the current generation platform technologies and standards such as Android OS and REST for News Portal. It is a complete news portal showing all the news around the nation in an interactive fashion at one place. It aims in bringing more simplicity for obtaining news about any issue round the nation. Every newspaper and news channel publishes the news on their website. So a person has to visit various websites if the user needs information about any current news in which ever language the user wants. So this portal aims to bring all the news of all different languages grouped together under one banner by provisioning web services. All sorts of news ranging from breaking news to cricket news are covered over here. Information regarding daily horoscope as well as latest stock prices are also obtained in this single portal. Mobile devices (Smart phones, PDA, Tablets), Mobile web services and wireless communications, by the year 2020 will be expected to play a central role in all aspects of our lives. The Mobile web service provisioning is substantially expanding on the concept of ‘Anywhere, Anytime and on Any Device’ to a new paradigm ubiquitous mobile computing. It is used to improve access to meaningful, quickly and required information and content through mobile web services. Many of the problems of mobile web services can be solved by targeting the distributed nature and isolated deployment of mobile applications. One of the most promising way to create viable web services for mobile devices is to add extra intelligence to the web services, both on the web service provider and the web service consumer

Adaptive online deployment for resource constrained mobile smart clients

Nowadays mobile devices are more and more used as a platform for applications. Contrary to prior generation handheld devices configured with a predefined set of applications, today leading edge devices provide a platform for flexible and customized application deployment. However, these applications have to deal with the limitations (e.g. CPU speed, memory) of these mobile devices and thus cannot handle complex tasks. In order to cope with the handheld limitations and the ever changing device context (e.g. network connections, remaining battery time, etc.) we present a middleware solution that dynamically offloads parts of the software to the most appropriate server. Without a priori knowledge of the application, the optimal deployment is calculated, that lowers the cpu usage at the mobile client, whilst keeping the used bandwidth minimal. The information needed to calculate this optimum is gathered on the fly from runtime information. Experimental results show that the proposed solution enables effective execution of complex applications in a constrained environment. Moreover, we demonstrate that the overhead from the middleware components is below 2%

RADIS: Remote Attestation of Distributed IoT Services

Remote attestation is a security technique through which a remote trusted party (i.e., Verifier) checks the trustworthiness of a potentially untrusted device (i.e., Prover). In the Internet of Things (IoT) systems, the existing remote attestation protocols propose various approaches to detect the modified software and physical tampering attacks. However, in an interoperable IoT system, in which IoT devices interact autonomously among themselves, an additional problem arises: a compromised IoT service can influence the genuine operation of other invoked service, without changing the software of the latter. In this paper, we propose a protocol for Remote Attestation of Distributed IoT Services (RADIS), which verifies the trustworthiness of distributed IoT services. Instead of attesting the complete memory content of the entire interoperable IoT devices, RADIS attests only the services involved in performing a certain functionality. RADIS relies on a control-flow attestation technique to detect IoT services that perform an unexpected operation due to their interactions with a malicious remote service. Our experiments show the effectiveness of our protocol in validating the integrity status of a distributed IoT service.Comment: 21 pages, 10 figures, 2 table