ABSTRACT
In this paper, we first present a new privacy leak in residential wireless ubiquitous computing systems, and then we propose guidelines for designing future systems to prevent this problem. We show that we can observe private activities in the home such as cooking, showering, toileting, and sleeping by eavesdropping on the wireless transmissions of sensors in a home, even when all of the transmissions are encrypted. We call this the Fingerprint and Timing-based Snooping (FATS) attack. This attack can already be carried out on millions of homes today, and may become more important as ubiquitous computing environments such as smart homes and assisted living facilities become more prevalent. In this paper, we demonstrate and evaluate the FATS attack on eight different homes containing wireless sensors. We also propose and evaluate a set of privacy preserving design guidelines for future wireless ubiquitous systems and show how these guidelines can be used in a hybrid fashion to prevent against the FATS attack with low implementation costs.
- Anritsu high performance signal analyser. http://www.scs.carleton.ca/jhall2/Publications/anritsu_us.pdf.Google Scholar
- Assisted living and residential monitoring network project. University of Virginia ALARMNET project, http://www.cs.virginia.edu/wsn/medical/.Google Scholar
- Dark deal hacking wireless video cameras. http://www.g4tv.com/techtvvault/features/46880/.Google Scholar
- Hagai Bar El, Introduction to Side Channel Attacks, http://www.hbarel.com/publications.htm.Google Scholar
- United States department of health and human services, HIPAA regulations and standards. http://www.hhs.gov/ocr/hipaa/.Google Scholar
- X10 home security home automation electronics. http://www.x10.com.Google Scholar
- Toshihiro Takada et al, Proximity mining: Finding proximity using sensor data history. In WMCSA, 2003.Google Scholar
- Jing Deng Han et al, Countermeasures against traffic analysis attacks in wireless sensor networks. In SecureComm, 2005. Google ScholarDigital Library
- Yi Yang et al, Towards event source unobservability with minimum network traffic in sensor networks. In WiSec, 2008. Google ScholarDigital Library
- D. Chaum. Untraceable electronic mail, return addresses and digital pseudonyms. In Communications of the ACM, pages 84--88, 1981. Google ScholarDigital Library
- F. Dotzer. Privacy issues in vanet. In workshop on Privacy Enhanced Technology, 2005.Google Scholar
- M. Ester, Kriegel, J. Sander, and X. Xu. A density-based algorithm for discovering clusters in large spatial databases with noise. In International Conference on Knowledge Discovery and Data Mining, 1996.Google Scholar
- D. B. Faria and D. R. Cheriton. Detecting identity-based attacks in wireless networks using signalprints. In Wise, 2006. Google ScholarDigital Library
- J. Hall, M. Barbeau, and E. Kranakis. Enhancing intrusion detection in wireless networks using radio frequency fingerprinting. In Communications Internet and Information Technology, November 2004.Google Scholar
- J. Hall, M. Barbeau, and E. Kranakis. Detecting rogue devices in bluetooth networks using radio frequency fingerprinting. In IASTED International Conference on Communications and Computer Networks, October 2006.Google Scholar
- P. Kamat, Y. Zhang, W. Trappe, and C. Ozturk. Enhancing source location privacy in sensor network routing. In Int Conference on Distributed Computing Systems, 2005. Google ScholarDigital Library
- M. Kuhn. Electromagnetic eavesdropping risks of flat-panel displays. In Workshop on Privacy Enhancing Technologies, 2004. Google ScholarDigital Library
- R. Lim. Wireless fire sensor network demonstrator. Master's thesis, ETH Zurich, 2006.Google Scholar
- B. Logan, J. Healey, M. Philipose, E. M. Tapia, and S. Intille. A long-term evaluation of sensing modalities for activity recognition. In Ubicomp, 2007. Google ScholarDigital Library
- J. Pang, B. Greenstein, R. Gummadi, S. Seshan, and D. Wetherall. 802.11 user fingerprinting. In MobiCom, 2007. Google ScholarDigital Library
- Parks Associates Research and Analysis for Digital Living. Home security system forecasts: 2005 and beyond, November 2005. http://www.parksassociates.com/research/reports/tocs/2005/security.htm.Google Scholar
- K. B. Rasmussen and S. Capkun. Implications of Radio Fingerprinting on the Security of Sensor Networks. Technical Report 536, ETH Zrich IFW, 2006.Google Scholar
- S. Saponas, J. Lester, C. Hartung, S. Agarwal, and T. Kohno. Devices that tell on you privacy trends in consumer ubiquitous computing. In Usenix Security Symposium, 2007. Google ScholarDigital Library
- E. M. Tapia, S. S. Intille, and K. Larson. Activity recognition in the home setting using simple and ubiquitous sensors. In Proceedings of PERVASIVE, 2004.Google Scholar
- D. Wyatt, M. Philipose, and T. Choudhury. Unsupervised activity recognition using automatically mined common sense. In AAAI, 2005. Google ScholarDigital Library
Index Terms
- Protecting your daily in-home activity information from a wireless snooping attack
Recommendations
Sensor requirements for activity recognition on smart watches
PETRA '13: Proceedings of the 6th International Conference on PErvasive Technologies Related to Assistive EnvironmentsThe new generation of watches is smart. Smart watches are connected to the internet and provide sensor functionality that allows an enhanced human-computer-interaction. Smart watches provide a gesture interaction and a permanent monitoring of physical ...
Daily activity monitoring system designed for elderly people using hidden Markov models based on real world datasets
This work describes how our abnormal behaviour detection system functions for seniors in their home. Our research is based on the data gathered by a domotic box that is available for purchase. The box was initially intended to continuously detect the ...
Elderly daily activity habits or lifestyle in their natural environments
PETRA '11: Proceedings of the 4th International Conference on PErvasive Technologies Related to Assistive EnvironmentsA research and development innovation project partly funded by the French company EDF was conducted for the advancement of smart homes. The aim is to help elderly to live at home in safe conditions. The experiments were carried out in a long-term ...
Comments