Is Anybody Home? Inferring Activity From Smart Home Network Traffic

被引:78
作者
Copos, Bogdan [1 ]
Levitt, Karl [1 ]
Bishop, Matt [1 ]
Rowe, Jeff [1 ]
机构
[1] Univ Calif Davis, Dept Comp Sci, Davis, CA 95616 USA
来源
2016 IEEE SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (SPW 2016) | 2016年
关键词
D O I
10.1109/SPW.2016.48
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
As smart home devices are introduced into our homes, security and privacy concerns are being raised. Smart home devices collect, exchange, and transmit various data about the environment of our homes. This data can not only be used to characterize a physical property but also to infer personal information about the inhabitants. One potential attack vector for smart home devices is the use of traffic classification as a source for covert channel attacks. Specifically, we are concerned with the use of traffic classification techniques for inferring events taking place within a building. In this work, we study two of the most popular smart home devices, the Nest Thermostat and the wired Nest Protect (i.e. smoke and carbon dioxide detector) and show that traffic analysis can be used to learn potentially sensitive information about the state of a smart home. Among other observations, we show that we can determine, with 88% and 67% accuracy respectively, when the thermostat transitions between the Home and Auto Away mode and vice versa, based only on network traffic originating from the device. This information may be used, for example, by an attacker to infer whether the home is occupied.
引用
收藏
页码:245 / 251
页数:7
相关论文
共 16 条
[1]  
[Anonymous], 1998, TRAFFIC ANAL SSL ENC
[2]  
Bissias GD, 2006, LECT NOTES COMPUT SC, V3856, P1
[3]   Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail [J].
Dyer, Kevin P. ;
Coull, Scott E. ;
Ristenpart, Thomas ;
Shrimpton, Thomas .
2012 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), 2012, :332-346
[4]   Analytical and empirical analysis of countermeasures to traffic analysis attacks [J].
Fu, XW ;
Graham, B ;
Bettati, R ;
Zhao, W .
2003 INTERNATIONAL CONFERENCE ON PARALLEL PROCESSING, PROCEEDINGS, 2003, :483-492
[5]  
Gibbs S., 2015, Hackers can hijack Wi-Fi Hello Barbie to spy on your children
[6]  
Herrmann D., 2009, P 2009 ACM WORKSH CL, P31, DOI DOI 10.1145/1655008.1655013
[7]  
Hintz A, 2003, LECT NOTES COMPUT SC, V2482, P171
[8]  
Liberatore M., 2006, P 13 ACM C COMP COMM, P255, DOI DOI 10.1145/1180405.1180437
[9]  
Luo X, 2011, NDSS
[10]  
Mollers F., 7 ACM C SECURITY PRI, P195