Preserving Contextual-Privacy for Smart home IoT devices with Dynamic Traffic Shaping

Abstract The proliferation of smart home Internet of things (IoT) devices presents unprecedented challenges for preserving privacy within the home. In this paper, we demonstrate that a passive network observer (e.g., an Internet service provider) can infer private in-home activities by analyzing Internet traffic from commercially available smart home devices even when the devices use end-to-end transport-layer encryption. We evaluate common approaches for defending against these types of traffic analysis attacks, including firewalls, virtual private networks, and independent link padding, and find that none sufficiently conceal user activities with reasonable data overhead. We develop a new defense, “stochastic traffic padding” (STP), that makes it difficult for a passive network adversary to reliably distinguish genuine user activities from generated traffic patterns designed to look like user interactions. Our analysis provides a theoretical bound on an adversary’s ability to accurately detect genuine user activities as a function of the amount of additional cover traffic generated by the defense technique.

Download Full-text

IoT Traffic: Modeling and Measurement Experiments

IoT ◽

10.3390/iot2010008 ◽

2021 ◽

Vol 2 (1) ◽

pp. 140-162

Author(s):

Hung Nguyen-An ◽

Thomas Silverston ◽

Taku Yamazaki ◽

Takumi Miyoshi

Keyword(s):

Smart Home ◽

Large Scale ◽

Traffic Modeling ◽

The Novel ◽

Network Behavior ◽

Performance Accuracy ◽

Traffic Generator ◽

Multiple Devices ◽

Iot Devices ◽

The Internet Of Things

We now use the Internet of things (IoT) in our everyday lives. The novel IoT devices collect cyber–physical data and provide information on the environment. Hence, IoT traffic will count for a major part of Internet traffic; however, its impact on the network is still widely unknown. IoT devices are prone to cyberattacks because of constrained resources or misconfigurations. It is essential to characterize IoT traffic and identify each device to monitor the IoT network and discriminate among legitimate and anomalous IoT traffic. In this study, we deployed a smart-home testbed comprising several IoT devices to study IoT traffic. We performed extensive measurement experiments using a novel IoT traffic generator tool called IoTTGen. This tool can generate traffic from multiple devices, emulating large-scale scenarios with different devices under different network conditions. We analyzed the IoT traffic properties by computing the entropy value of traffic parameters and visually observing the traffic on behavior shape graphs. We propose a new method for identifying traffic entropy-based devices, computing the entropy values of traffic features. The method relies on machine learning to classify the traffic. The proposed method succeeded in identifying devices with a performance accuracy up to 94% and is robust with unpredictable network behavior with traffic anomalies spreading in the network.

Download Full-text

A Secure and Scalable Smart Home Gateway to Bridge Technology Fragmentation

Sensors ◽

10.3390/s21113587 ◽

2021 ◽

Vol 21 (11) ◽

pp. 3587

Author(s):

Ezequiel Simeoni ◽

Eugenio Gaeta ◽

Rebeca I. García-Betances ◽

Dave Raggett ◽

Alejandro M. Medrano-Gil ◽

...

Keyword(s):

Smart Home ◽

Home Automation ◽

Dynamic Configuration ◽

Home Gateway ◽

Security Authentication ◽

Living Lab ◽

Automation Systems ◽

Authentication And Authorization ◽

Iot Devices ◽

Bridge Technology

Internet of Things (IoT) technologies are already playing an important role in our daily activities as we use them and rely on them to increase our abilities, connectivity, productivity and quality of life. However, there are still obstacles to achieving a unique interface able to transfer full control to users given the diversity of protocols, properties and specifications in the varied IoT ecosystem. Particularly for the case of home automation systems, there is a high degree of fragmentation that limits interoperability, increasing the complexity and costs of developments and holding back their real potential of positively impacting users. In this article, we propose implementing W3C’s Web of Things Standard supported by home automation ontologies, such as SAREF and UniversAAL, to deploy the Living Lab Gateway that allows users to consume all IoT devices from a smart home, including those physically wired and using KNX® technology. This work, developed under the framework of the EC funded Plan4Act project, includes relevant features such as security, authentication and authorization provision, dynamic configuration and injection of devices, and devices abstraction and mapping into ontologies. Its deployment is explained in two scenarios to show the achieved technology’s degree of integration, the code simplicity for developers and the system’s scalability: one consisted of external hardware interfacing with the smart home, and the other of the injection of a new sensing device. A test was executed providing metrics that indicate that the Living Lab Gateway is competitive in terms of response performance.

Download Full-text

HomeTec Software for Security Aspects of Smart Home Devices Based on IoT

10.54216/jcim.050101 ◽

2021 ◽

pp. 5-16

Author(s):

Parth Rustagi ◽

◽

...

Keyword(s):

Smart Home ◽

Denial Of Service ◽

Security Protocols ◽

The Internet ◽

Security Threats ◽

Deep Dive ◽

Cost Cutting ◽

Full Control ◽

Iot Devices ◽

Service Data

As useful as it gets to connect devices to the internet to make life easier and more comfortable, it also opens the gates to various cyber threats. The connection of Smart Home devices to the internet makes them vulnerable to malicious hackers that infiltrate the system. Hackers can penetrate these systems and have full control over devices. This can lead to denial of service, data leakage, invasion of privacy, etc. Thus security is a major aspect of Smart home devices. However, many companies manufacturing these Smart Home devices have little to no security protocols in their devices. In the process of making the IoT devices cheaper, various cost-cutting is done on the security protocols in IoT devices. In some way, many manufactures of the devices don’t even consider this as a factor to build upon. This leaves the devices vulnerable to attacks. Various authorities have worked upon to standardize the security aspects for the IoT and listed out guidelines for manufactures to follow, but many fail to abide by them. This paper introduces and talks about the various threats, various Security threats to Smart Home devices. It takes a deep dive into the solutions for the discussed threats. It also discusses their prevention. Lastly, it discusses various preventive measures and good practices to be incorporated to protect devices from any future attacks.

Download Full-text

Voice-Controlled IoT Devices Framework for Smart Home

Lecture Notes in Networks and Systems - Proceedings of First International Conference on Computing, Communications, and Cyber-Security (IC4S 2019) ◽

10.1007/978-981-15-3369-3_5 ◽

2020 ◽

pp. 57-67

Author(s):

Ravi Ranjan ◽

Aditi Sharma

Keyword(s):

Smart Home ◽

Iot Devices

Download Full-text

Towards Secure and Privacy-Preserving IoT Enabled Smart Home: Architecture and Experimental Study

Sensors ◽

10.3390/s20216131 ◽

2020 ◽

Vol 20 (21) ◽

pp. 6131

Author(s):

Mamun Abu-Tair ◽

Soufiene Djahel ◽

Philip Perry ◽

Bryan Scotney ◽

Unsub Zia ◽

...

Keyword(s):

Experimental Study ◽

Smart Home ◽

Privacy Preservation ◽

Smart Cities ◽

Security And Privacy ◽

Test Cases ◽

Security Threats ◽

Hardware Implementations ◽

Cryptographic Algorithms ◽

Iot Devices

Internet of Things (IoT) technology is increasingly pervasive in all aspects of our life and its usage is anticipated to significantly increase in future Smart Cities to support their myriad of revolutionary applications. This paper introduces a new architecture that can support several IoT-enabled smart home use cases, with a specified level of security and privacy preservation. The security threats that may target such an architecture are highlighted along with the cryptographic algorithms that can prevent them. An experimental study is performed to provide more insights about the suitability of several lightweight cryptographic algorithms for use in securing the constrained IoT devices used in the proposed architecture. The obtained results showed that many modern lightweight symmetric cryptography algorithms, as CLEFIA and TRIVIUM, are optimized for hardware implementations and can consume up to 10 times more energy than the legacy techniques when they are implemented in software. Moreover, the experiments results highlight that CLEFIA significantly outperforms TRIVIUM under all of the investigated test cases, and the latter performs 100 times worse than the legacy cryptographic algorithms tested.

Download Full-text

ROUTER: Fog enabled cloud based intelligent resource management approach for smart home IoT devices

Journal of Systems and Software ◽

10.1016/j.jss.2019.04.058 ◽

2019 ◽

Vol 154 ◽

pp. 125-138 ◽

Cited By ~ 23

Author(s):

Sukhpal Singh Gill ◽

Peter Garraghan ◽

Rajkumar Buyya

Keyword(s):

Resource Management ◽

Smart Home ◽

Management Approach ◽

Iot Devices

Download Full-text

Vulnerability Studies and Security Postures of IoT Devices: A Smart Home Case Study

IEEE Internet of Things Journal ◽

10.1109/jiot.2020.2983983 ◽

2020 ◽

Vol 7 (10) ◽

pp. 10102-10110

Author(s):

Brittany D. Davis ◽

Janelle C. Mason ◽

Mohd Anwar

Keyword(s):

Smart Home ◽

Iot Devices

Download Full-text

Cost Oriented Humanoid Robot communication with IoT devices via MQTT and interaction with a Smart Home HUB connected devices

IFAC-PapersOnLine ◽

10.1016/j.ifacol.2019.12.455 ◽

2019 ◽

Vol 52 (25) ◽

pp. 104-109

Author(s):

Stefan Chivarov ◽

Peter Kopacek ◽

Nayden Chivarov

Keyword(s):

Smart Home ◽

Humanoid Robot ◽

Iot Devices ◽

Robot Communication

Download Full-text

Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective

Sensors ◽

10.3390/s19092148 ◽

2019 ◽

Vol 19 (9) ◽

pp. 2148 ◽

Cited By ~ 13

Author(s):

Mookyu Park ◽

Haengrok Oh ◽

Kyungho Lee

Keyword(s):

Smart Home ◽

Situational Awareness ◽

Personal Information ◽

Human Life ◽

Information Leakage ◽

Security Threats ◽

Security Risk ◽

Iot Security ◽

Home Based ◽

Iot Devices

Internet-of-Things (IoT) is a technology that is extensively being used in various fields. Companies like Samsung, LG, and Apple are launching home appliances that use IoT as a part of their smart home business. Currently, Intelligent Things which combine artificial intelligence (AI) and IoT are being developed. Most of these devices are configured to collect and respond to human behavior (motion, voice, etc.) through built-in sensors. If IoT devices do not ensure high security, personal information could be leaked. This paper describes the IoT security threats that can cause information leakage from a hierarchical viewpoint of cyberspace. In addition, because these smart home-based IoT devices are closely related to human life, considering social damage is a problem. To overcome this, we propose a framework to measure the risk of IoT devices based on security scenarios that can occur in a smart home.

Download Full-text