
    Peek-a-Boo: I see your smart home activities, even encrypted!

    A myriad of IoT devices such as bulbs, switches, speakers in a smart home environment allow users to easily control the physical world around them and facilitate their living styles through the sensors already embedded in these devices. Sensor data contains a lot of sensitive information about the user and devices. However, an attacker inside or near a smart home environment can potentially exploit the innate wireless medium used by these devices to exfiltrate sensitive information from the encrypted payload (i.e., sensor data) about the users and their activities, invading user privacy. With this in mind, in this work, we introduce a novel multi-stage privacy attack against user privacy in a smart environment. It is realized utilizing state-of-the-art machine-learning approaches for detecting and identifying the types of IoT devices, their states, and ongoing user activities in a cascading style by only passively sniffing the network traffic from smart home devices and sensors. The attack effectively works on both encrypted and unencrypted communications. We evaluate the efficiency of the attack with real measurements from an extensive set of popular off-the-shelf smart home IoT devices utilizing a set of diverse network protocols like WiFi, ZigBee, and BLE. Our results show that an adversary passively sniffing the traffic can achieve very high accuracy (above 90%) in identifying the state and actions of targeted smart home devices and their users. To protect against this privacy leakage, we also propose a countermeasure based on generating spoofed traffic to hide the device states and demonstrate that it provides better protection than existing solutions.
    Comment: Update (May 13, 2020): This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '20), July 8-10, 2020, Linz (Virtual Event), Austria, https://doi.org/10.1145/3395351.339942

    Cleartext Data Transmissions in Consumer IoT Medical Devices

    This paper introduces a method to capture network traffic from medical IoT devices and automatically detect cleartext information that may reveal sensitive medical conditions and behaviors. The research follows a three-step approach involving traffic collection, cleartext detection, and metadata analysis. We analyze four popular consumer medical IoT devices, including one smart medical device that leaks sensitive health information in cleartext. We also present a traffic capture and analysis system that seamlessly integrates with a home network and offers a user-friendly interface for consumers to monitor and visualize data transmissions of IoT devices in their homes.
    Comment: 6 pages, 5 figures

    Your Privilege Gives Your Privacy Away: An Analysis of a Home Security Camera Service

    Once considered a luxury, Home Security Cameras (HSCs) are now commonplace and constitute a growing part of the wider online video ecosystem. This paper argues that their expanding coverage and close integration with daily life may result in not only unique behavioral patterns, but also key privacy concerns. This motivates us to perform a detailed measurement study of a major HSC provider, covering 15.4M streams and 211K users. Our study takes two perspectives: (i) we explore the per-user behaviour, identifying core clusters of users; and (ii) we build on this analysis to extract and predict privacy-compromising insight. Key observations include a highly asymmetrical traffic distribution, distinct usage patterns, wasted resources and fixed viewing locations. Furthermore, we identify three privacy risks and explore them in detail. We find that paid users are more likely to be exposed to attacks due to their heavier usage patterns. We conclude by proposing simple mitigations that can alleviate these risks.

    A systematic review of crime facilitated by the consumer Internet of Things

    The nature of crime is changing — estimates suggest that at least half of all crime is now committed online. Once everyday objects (e.g. televisions, baby monitors, door locks) that are now internet connected, collectively referred to as the Internet of Things (IoT), have the potential to transform society, but this increase in connectivity may generate new crime opportunities. Here, we conducted a systematic review to inform understanding of these risks. We identify a number of high-level mechanisms through which offenders may exploit the consumer IoT including profiling, physical access control and the control of device audio/visual outputs. The types of crimes identified that could be facilitated by the IoT were wide ranging and included burglary, stalking, and sex crimes through to state level crimes including political subjugation. Our review suggests that the IoT presents substantial new opportunities for offending and intervention is needed now to prevent an IoT crime harvest.

    Synergy: An Energy Monitoring and Visualization System

    The key to becoming a more sustainable society is first learning to take responsibility for the role we play in energy consumption. Real-time energy usage gives energy consumers a sense of responsibility over what they can do to accomplish a much larger goal for the planet, and practically speaking, what they can do to lower the cost to their wallets. Synergy is an energy monitoring and visualization system that enables users to gather information about the energy consumption in a building – small or large – and display that data for the user in real-time. The gathered energy usage data is processed on the edge before being stored in the cloud. The two main benefits of edge processing are issuing electricity hazard warnings immediately and preserving user privacy. In addition to being a scalable solution that is intended for use in individual households, commercial offices and city power grids, Synergy is open-source so that it can be implemented more widely. This paper contains a system overview as well as initial findings based on the data collected by Synergy before assessing the impact the system can have on society.

    IoTBeholder: A Privacy Snooping Attack on User Habitual Behaviors from Smart Home Wi-Fi Traffic

    With the deployment of a growing number of smart home IoT devices, privacy leakage has become a growing concern. Prior work on privacy-invasive device localization, classification, and activity identification has proven the existence of various privacy leakage risks in smart home environments. However, they only demonstrate limited threats in the real world due to many impractical assumptions, such as having privileged access to the user's home network. In this paper, we identify a new end-to-end attack surface using IoTBeholder, a system that performs device localization, classification, and user activity identification. IoTBeholder can be easily run and replicated on commercial off-the-shelf (COTS) devices such as mobile phones or personal computers, enabling attackers to infer user's habitual behaviors from smart home Wi-Fi traffic alone. We set up a testbed with 23 IoT devices for evaluation in the real world. The result shows that IoTBeholder has good device classification and device activity identification performance. In addition, IoTBeholder can infer the users' habitual behaviors and automation rules with high accuracy and interpretability. It can even accurately predict the users' future actions, highlighting a significant threat to user privacy that IoT vendors and users should highly concern.

    Characterising Usage Patterns and Privacy Risks of a Home Security Camera Service

    Home security cameras (HSCs) are becoming increasingly important in protecting people's household property and caring for family members. As an emerging type of home IoT devices, HSCs are distinct from traditional IoT devices in that they are often installed in intimate places, detecting movements constantly. Such close integration with users' daily life may result in distinct user behavioral patterns and privacy concerns. To explore this, we perform a detailed measurement study based on a large-scale service log dataset from a major HSC service provider. Our analysis reveals unique usage patterns of HSCs, including significant wasted uploads, asymmetrical upload and download traffic, skewed user engagement, and limited watching locations. We further identify three types of privacy risks in current HSC services using both passive logs and active measurements. These risks can be exploited by attackers, through observing only the traffic rates of HSCs, to infer the working state of cameras and even the daily activity routine in places where the camera is installed. Moreover, we find the premium users who pay an extra fee are especially vulnerable to such privacy inferences. We propose countermeasures from the perspectives of susceptible users and HSC providers to mitigate the risks.