203 research outputs found

    On privacy in home automation systems

    Get PDF
    Home Automation Systems (HASs) are becoming increasingly popular in newly built as well as existing properties. While offering increased living comfort, resource saving features and other commodities, most current commercial systems do not protect sufficiently against passive attacks. In this thesis we investigate privacy aspects of Home Automation Systems. We analyse the threats of eavesdropping and traffic analysis attacks, demonstrating the risks of virtually undetectable privacy violations. By taking aspects of criminal and data protection law into account, we give an interdisciplinary overview of privacy risks and challenges in the context of HASs. We present the first framework to formally model privacy guarantees of Home Automation Systems and apply it to two different dummy traffic generation schemes. In a qualitative and quantitative study of these two algorithms, we show how provable privacy protection can be achieved and how privacy and energy efficiency are interdependent. This allows manufacturers to design and build secure Home Automation Systems which protect the users' privacy and which can be arbitrarily tuned to strike a compromise between privacy protection and energy efficiency.Hausautomationssysteme (HAS) gewinnen sowohl im Bereich der Neubauten als auch bei Bestandsimmobilien stetig an Beliebtheit. Während sie den Wohnkomfort erhöhen, Einsparpotential für Strom und Wasser sowie weitere Vorzüge bieten, schützen aktuelle Systeme nicht ausreichend vor passiven Angriffen. In dieser Arbeit untersuchen wir Aspekte des Datenschutzes von Hausautomationssystemen. Wir betrachten die Gefahr des Abfangens von Daten sowie der Verkehrsanalyse und zeigen die Risiken auf, welche sich durch praktisch unsichtbare Angriffe für Nutzende ergeben. Die Betrachtung straf- und datenschutzrechtlicher Aspekte ermöglicht einen interdisziplinären Überblick über Datenschutzrisiken im Kontext von HAS. Wir stellen das erste Rahmenwerk zur formellen Modellierung von Datenschutzgarantien in Hausautomationssystemen vor und demonstrieren die Anwendung an zwei konkreten Verfahren zur Generierung von Dummy-Verkehr. In einer qualitativen und quantitativen Studie der zwei Algorithmen zeigen wir, wie Datenschutzgarantien erreicht werden können und wie sie mit der Energieeffizienz von HAS zusammenhängen. Dies erlaubt Herstellern die Konzeption und Umsetzung von Hausautomationssystemen, welche die Privatsphäre der Nutzenden schützen und die eine freie Parametrisierung ermöglichen, um einen Kompromiss zwischen Datenschutz und Energieeffizienz zu erreichen

    Wireless multimedia sensor networks, security and key management

    Get PDF
    Wireless Multimedia Sensor Networks (WMSNs) have emerged and shifted the focus from the typical scalar wireless sensor networks to networks with multimedia devices that are capable to retrieve video, audio, images, as well as scalar sensor data. WMSNs are able to deliver multimedia content due to the availability of inexpensive CMOS cameras and microphones coupled with the significant progress in distributed signal processing and multimedia source coding techniques. These mentioned characteristics, challenges, and requirements of designing WMSNs open many research issues and future research directions to develop protocols, algorithms, architectures, devices, and testbeds to maximize the network lifetime while satisfying the quality of service requirements of the various applications. In this thesis dissertation, we outline the design challenges of WMSNs and we give a comprehensive discussion of the proposed architectures and protocols for the different layers of the communication protocol stack for WMSNs along with their open research issues. Also, we conduct a comparison among the existing WMSN hardware and testbeds based on their specifications and features along with complete classification based on their functionalities and capabilities. In addition, we introduce our complete classification for content security and contextual privacy in WSNs. Our focus in this field, after conducting a complete survey in WMSNs and event privacy in sensor networks, and earning the necessary knowledge of programming sensor motes such as Micaz and Stargate and running simulation using NS2, is to design suitable protocols meet the challenging requirements of WMSNs targeting especially the routing and MAC layers, secure the wirelessly exchange of data against external attacks using proper security algorithms: key management and secure routing, defend the network from internal attacks by using a light-weight intrusion detection technique, protect the contextual information from being leaked to unauthorized parties by adapting an event unobservability scheme, and evaluate the performance efficiency and energy consumption of employing the security algorithms over WMSNs

    Source location anonymity for sensor networks,”

    Get PDF
    Abstract-Motivated by applications like sensor, peer to peer networks there has been growing interest in monitoring large scale distributed systems. In these applications, source location anonymity is an attractive and critical security property. Most of prior works assumed a weak adversary model where the adversary sees only local network traffic, but here we consider source anonymity against a global eavesdropper. Attaining location unobservability under global attacker is very difficult and expensive to achieve, because sensor networks are very limited in resources. In this work we propose a distributed algorithm to mix real event traffic with carefully chosen dummy traffic to hide the real event traffic pattern. We assume that we have fixed amount of resources to send dummy traffic and we try to share it among sensors so as to maximize the degree of anonymity of the system. Through simulation, we illustrate that the proposed technique is efficient in protecting location information from the eavesdropper

    Wireless Multimedia Sensor Networks Applications and Security Challenges

    Get PDF
    The emergence of low-cost and mature technologies in wireless communication, visual sensor devices, and digital signal processing facilitate of wireless multimedia sensor networks (WMSNs). Like sensor networks which respond to sensory information such as humidity and temperature, WMSN interconnects autonomous devices for capturing and processing video and audio sensory information. WMSNs will enable new applications such as multimedia surveillance, traffic enforcement and control systems, advanced health care delivery, structural health monitoring, and industrial process control. Due to WMSNs have some novel features which stem the fact that some of the sensor node will have video cameras and higher computation capabilities. Consequently, the WMSNs bring new security of challenges as well as new opportunities. This paper presents WMSNs application and security challenges

    Network Coding based Information Security in Multi-hop Wireless Networks

    Get PDF
    Multi-hop Wireless Networks (MWNs) represent a class of networks where messages are forwarded through multiple hops of wireless transmission. Applications of this newly emerging communication paradigm include asset monitoring wireless sensor networks (WSNs), command communication mobile ad hoc networks (MANETs), community- or campus-wide wireless mesh networks (WMNs), etc. Information security is one of the major barriers to the wide-scale deployment of MWNs but has received little attention so far. On the one hand, due to the open wireless channels and multi-hop wireless transmissions, MWNs are vulnerable to various information security threats such as eavesdropping, data injection/modification, node compromising, traffic analysis, and flow tracing. On the other hand, the characteristics of MWNs including the vulnerability of intermediate network nodes, multi-path packet forwarding, and limited computing capability and storage capacity make the existing information security schemes designed for the conventional wired networks or single-hop wireless networks unsuitable for MWNs. Therefore, newly designed schemes are highly desired to meet the stringent security and performance requirements for the information security of MWNs. In this research, we focus on three fundamental information security issues in MWNs: efficient privacy preservation for source anonymity, which is critical to the information security of MWNs; the traffic explosion issue, which targets at preventing denial of service (DoS) and enhancing system availability; and the cooperative peer-to-peer information exchange issue, which is critical to quickly achieve maximum data availability if the base station is temporarily unavailable or the service of the base station is intermittent. We have made the following three major contributions. Firstly, we identify the severe threats of traffic analysis/flow tracing attacks to the information security in network coding enabled MWNs. To prevent these attacks and achieve source anonymity in MWNs, we propose a network coding based privacy-preserving scheme. The unique “mixing” feature of network coding is exploited in the proposed scheme to confuse adversaries from conducting advanced privacy attacks, such as time correlation, size correlation, and message content correlation. With homomorphic encryption functions, the proposed scheme can achieve both privacy preservation and data confidentiality, which are two critical information security requirements. Secondly, to prevent traffic explosion and at the same time achieve source unobservability in MWNs, we propose a network coding based privacy-preserving scheme, called SUNC (Source Unobservability using Network Coding). Network coding is utilized in the scheme to automatically absorb dummy messages at intermediate network nodes, and thus, traffic explosion induced denial of service (DoS) can be naturally prevented to ensure the system availability. In addition to ensuring system availability and achieving source unobservability, SUNC can also thwart internal adversaries. Thirdly, to enhance the data availability when a base station is temporarily unavailable or the service of the base station is intermittent, we propose a cooperative peer-to-peer information exchange scheme based on network coding. The proposed scheme can quickly accomplish optimal information exchange in terms of throughput and transmission delay. For each research issue, detailed simulation results in terms of computational overhead, transmission efficiency, and communication overhead, are given to demonstrate the efficacy and efficiency of the proposed solutions

    A Taxonomy for and Analysis of Anonymous Communications Networks

    Get PDF
    Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the speed and anonymity of cyber attacks makes distinguishing among the actions of terrorists, criminals, and nation states difficult. Even President Obama’s Cybersecurity Chief-elect recognizes the challenge of increasingly sophisticated cyber attacks. Now through April 2009, the White House is reviewing federal cyber initiatives to protect US citizen privacy rights. Indeed, the rising quantity and ubiquity of new surveillance technologies in cyberspace enables instant, undetectable, and unsolicited information collection about entities. Hence, anonymity and privacy are becoming increasingly important issues. Anonymization enables entities to protect their data and systems from a diverse set of cyber attacks and preserves privacy. This research provides a systematic analysis of anonymity degradation, preservation and elimination in cyberspace to enhance the security of information assets. This includes discovery/obfuscation of identities and actions of/from potential adversaries. First, novel taxonomies are developed for classifying and comparing well-established anonymous networking protocols. These expand the classical definition of anonymity and capture the peer-to-peer and mobile ad hoc anonymous protocol family relationships. Second, a unique synthesis of state-of-the-art anonymity metrics is provided. This significantly aids an entity’s ability to reliably measure changing anonymity levels; thereby, increasing their ability to defend against cyber attacks. Finally, a novel epistemic-based mathematical model is created to characterize how an adversary reasons with knowledge to degrade anonymity. This offers multiple anonymity property representations and well-defined logical proofs to ensure the accuracy and correctness of current and future anonymous network protocol design

    (Un)Suitability of Anonymous Communication Systems to WSN

    Get PDF
    Abstract Anonymous communication systems have been extensively studied by the research community to prevent the disclosure of sensitive information from the analysis of individuals' traffic patterns. Many remarkable solutions have been developed in this area, most of which have proven to be effective in the protection of user privacy against different types of attacks. Recently, the privacy preservation problem has also been considered in the realm of wireless sensor networks (WSNs) due to their imminent adoption in real-world scenarios. A special challenge that arises from the analysis of the flow of sensor nodes' communications is the location privacy problem. In this work we concentrate on analyzing the suitability of traditional anonymous communication systems originally designed for the Internet to the original scenario of sensor networks. The results show that, in most cases, traditional solutions do not provide the adequate protection means for the particular problem of location privacy, while other solutions are too resource-consuming for the restricted capabilities of sensor nodes

    Protecting Contextual Information in WSNs: Source- and Receiver-Location Privacy Solutions

    Get PDF
    La privacidad es un derecho fundamental recogido por numerosas leyes y tratados entre los que destaca la Declaración Universal de los Derechos Humanos de las Naciones Unidas. Sin embargo, este derecho fundamental se ha visto vulnerado en numerosas ocasiones a lo largo de la historia; y el desarrollo de la tecnología, en especial la mejora de los sistemas de recolección, analisis y diseminación de información, han tenido gran parte de culpa. En la actualidad nos encontramos en un punto en el que el desarrollo y despliegue de sistemas ubicuos, encabezados por las redes inalámbricas de sensores, puede llegar a suponer un riesgo de privacidad sin precedentes dada su capacidad para recolectar información en cantidades y situaciones hasta el momento insospechadas. Existe, por tanto, una urgente necesidad de desarrollar mecanismos capaces de velar por nuestra información más sensible. Es precisamente éste uno de los objetivos principales de la presente tesis doctoral: facilitar la integración de las redes inalámbricas de sensores en nuestro día a día sin que éstas supongan un grave riesgo de privacidad. Esta tesis se centra en un problema de privacidad particular que viene derivado de la naturaleza inalámbrica de las comunicaciones y de la necesidad imperiosa de ahorrar energía que existe en estas redes de recursos restringidos. Para las redes de sensores, las comunicaciones suponen un gran porcentaje del presupuesto energético y, por ello, los protocolos de encaminamiento empleados tienden a minimizarlas, utilizando protocolos de camino óptimo. Aprovechándose de esta situación, un observador podría, mediante técnicas de análisis de tráfico no demasiado sofisticadas, y sin necesidad de descifrar el contenido de los paquete, determinar el origen y el destino de las comunicaciones. Esto supone, al igual que en los sistemas de comunicación tradicionales, un grave riesgo para la privacidad. Dado que el problema de la privacidad de localización en redes de sensores se reduce a una cuestión de análisis de tráfico, parece razonable pensar que las soluciones desarrolladas a tal fin en redes de computadores pueden ser de utilida. Sin embargo, esta hipótesis ha sido rechazada en varias ocasiones con argumentos vagos al respecto de las limitaciones computacionales y energéticas de las redes de sensores. Nosotros consideramos que esto no es motivo suficiente para descartar estas soluciones ya que, a pesar de la tendencia actual, en el futuro podríamos tener nodos sensores de gran capacidad. Por ello, uno de los objetivos de esta tesis ha sido realizar un análisis exhaustivo sobre la aplicabilidad de estas soluciones al ámbito de las redes de sensores, centrándonos no sólo en los requisitos computacionales sino también en las propiedades de anonimato que se persiguen, en los modelos de atacante y en las posibles limitaciones que podrían derivarse de su aplicación. Por otra parte, se ha realizado un amplio análisis de las soluciones de privacidad de localización existentes para redes de sensores. Este análisis no se ha centrado únicamente en estudiar las técnicas de protección de empleadas sino que además se ha esforzado en destacar las ventajas e inconvenientes de las distintas soluciones. Esto ha permitido desarrollar una completa taxonomía en varios niveles basada en los recursos que se desean proteger, los modelos de adversario a los que hacer frente y las principales características o técnicas empleadas por las diferentes soluciones. Además, a partir de esto se han detectado una serie de problemas abiertos y puntos de mejora del estado del arte actual, que se han plasmado en dos nuevas soluciones; una de las soluciones se ha centrado en la protección de la localización del origen de datos, mientras que la otra se ha enfocado a la protección de la estación base. Ambas soluciones tienen en cuenta atacantes con un rango de escucha parcial y capaces de desplazarse en el terreno para observar las comunicaciones en diferentes zonas de la red. La primera de las soluciones desarrolladas parte de la observación de que los mecanismos actuales se basan principalmente en el envío de paquetes siguiendo caminos aleatorios sin ningún conocimiento acerca de si estos caminos son realmente efectivos para hacer frente a un atacante local. La idea detrás de CALP es aprovechar la capacidad que tienen las redes de sensores para sentir lo que pasa en su entorno para desarrollar mecanismos de protección más inteligentes utilizando información acerca del atacante. De esta forma, se consigue reducir drásticamente el consumo energético de la solución y al mismo tiempo se reduce el retraso de las comunicaciones, ya que el mecanismo sólo se activa ante la presencia de un atacante. Aunque esta idea se ha aplicado únicamente a la protección de los nodos origen de datos, sus características indican que también sería posible aplicarla con éxito a la protección de la estación base. La segunda solución surge tras observar que las soluciones para proteger la estación base son demasiado costosas a nivel energético o, en su defecto, revelan información sobre su localización. Además, hasta la fecha ninguna solución había tenido en cuenta que si un atacante obtiene las tablas de rutas de un nodo obtiene información sobre la estación base. Nuestra solución, HISP-NC, se basa en dos mecanismos complementarios que, por un lado, hacen frente a ataques de análisis de tráfico y, por otro lado, protegen frente al nuevo modelo de atacante desarrollado. El primer mecanismo se basa en la homogeneización del tráfico en el entorno del camino y el segundo en la perturbación de la tabla de rutas, de manera que se dificulta el ataque al tiempo que se asegura la llegada de datos a la estación base
    corecore