Projects per year
Abstract
We present a new machine learning-based attack that exploits network patterns to detect the presence of smart IoT devices and running services in the WiFi radio spectrum. We perform an extensive measurement campaign of data collection, and we build up a model describing the traffic patterns characterizing three popular IoT smart home devices, i.e., Google Nest Mini, Amazon Echo, and Amazon Echo Dot. We prove that it is possible to detect and identify with overwhelming probability their presence and the services running by the aforementioned devices in a crowded WiFi scenario. This work proves that standard encryption techniques alone are not sufficient to protect the privacy of the end-user, since the network traffic itself exposes the presence of both the device and the associated service. While more work is required to prevent non-trusted third parties to detect and identify the user’s devices, we introduce Eclipse, a technique to mitigate these types of attacks, which reshapes the traffic making the identification of the devices and the associated services similar to the random classification baseline.
Original language | English |
---|---|
Title of host publication | SpaCCS 2020 International Workshops, 2020, Proceedings |
Editors | Guojun Wang, Bing Chen, Wei Li, Roberto Di Pietro, Xuefeng Yan, Hao Han |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 122-136 |
Number of pages | 15 |
ISBN (Print) | 9783030688837 |
DOIs | |
Publication status | Published - 2021 |
Event | 13th International Conference on Security, Privacy, and Anonymity in Computation, Communication, and Storage, SpaCCS 2020 - Nanjing, China Duration: 18 Dec 2020 → 20 Dec 2020 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 12383 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 13th International Conference on Security, Privacy, and Anonymity in Computation, Communication, and Storage, SpaCCS 2020 |
---|---|
Country/Territory | China |
City | Nanjing |
Period | 18/12/20 → 20/12/20 |
Keywords
- Cyberphysical systems
- Internet of Things
- Machine learning
- Privacy
- Security
Fingerprint
Dive into the research topics of 'The Dark (and Bright) Side of IoT: Attacks and Countermeasures for Identifying Smart Home Devices and Services'. Together they form a unique fingerprint.Projects
- 1 Finished
-
EX-QNRF-NPRPS-44: Secure Grid Transformation: Connecting the “Grid of Things” to the “Grid of People” Using a Secure Transactive Energy Framework
Oligeri, G. (Lead Principal Investigator), Student-1, G. (Graduate Student), Fellow-3, P. D. (Post Doctoral Fellow), Omri, D. A. (Principal Investigator), Mohammadi-ivatloo, D. B. (Principal Investigator), Asadi, D. S. (Principal Investigator) & Fernandez, M. J. H. (Principal Investigator)
5/01/20 → 4/05/23
Project: Applied Research