is anybody home inferring activity from smart home
play

Is Anybody Home? Inferring Activity from Smart Home Network Traffic - PowerPoint PPT Presentation

Mar 31, 2024 •422 likes •803 views

Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop Karl Levitt Jeff Rowe University of California, Davis 1 / 21 2 / 21 3 / 21 4 / 21 Security Many things can go wrong... malicious firmware

  1. Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop Karl Levitt Jeff Rowe University of California, Davis 1 / 21

  2. 2 / 21

  3. 3 / 21

  10. 4 / 21

  11. Security Many things can go wrong... ◮ malicious firmware e.g. Nest hack presented at BlackHat ’14 ◮ poor authentication e.g. Rapid7 report on baby monitors hacks ◮ communication hack e.g. Xfinity Home Security System jamming hack ◮ compromised cloud nothing yet? ◮ data inference 5 / 21

  12. Traffic Analysis The process of analyzing network traffic for inferring information about the device and its state ◮ packet/connection size ◮ protocol ◮ source/destination address ◮ timing information ◮ burstiness 6 / 21

  13. Background Traffic Analysis: ◮ Web Browsing ◮ Marketing ◮ Reconfiguring Networks ◮ Monitoring IoT/Smart Home Devices: ◮ “ Extrapolation and prediction of user behaviour from wireless home automation communication ” F. Mollers et al (WiSec ’14) ◮ “ Smart Nest Thermostat: A Smart Spy in Your Home ” G. Hernandez (BlackHat ’14) ◮ “ Security Analysis of Emerging Smart Home Applications ” E. Fernandes et. al. (S&P ’16) 7 / 21

  14. Devices ◮ Nest Thermostat 2nd Generation ◮ remotely control temperature ◮ motion detector ◮ self-learning schedule ◮ interface for settings and usage logs ◮ 802.15.4 radio ◮ Nest Protect 2nd Generation ◮ motion detector ◮ Pathlight ◮ Nest Interconnect ◮ 802.15.4 radios 8 / 21

  15. Problem Statement What does network traffic tell us about the devices (and their state)? 9 / 21

  16. Problem Statement What does network traffic tell us about the devices (and their state)? Can network traffic be used to infer state of building? 9 / 21

  17. Events of Interest 1. Nest Thermostat mode ◮ Home ◮ Auto-Away 10 / 21

  18. Events of Interest 1. Nest Thermostat mode ◮ Home ◮ Auto-Away 2. Nest Protect Pathlight Activation 10 / 21

  19. Events of Interest 1. Nest Thermostat mode ◮ Home ◮ Auto-Away 2. Nest Protect Pathlight Activation 3. Nest Protect Smoke Alarm 10 / 21

  20. Setup HP netbook Network interface in monitor mode dumpcap with MAC address based filter Approximately 1 month of pcaps Convert pcaps to connection logs using Bro 11 / 21

  21. User Activity User activity during time of packet captures varies: ◮ time of arrival ◮ time of departure ◮ number of arrivals & departures 12 / 21

  22. Traffic Overview Nest Thermostat ◮ 14 hosts ◮ HTTP, NTP , DNS, SSL/TLS HTTP used to obtain weather data 6000 5000 4000 Payload Bytes Sent 3000 2000 1000 0 3 12 15 18 21 27 33 51 57 63 72 0 6 9 24 30 36 39 42 45 48 54 60 66 69 Time (hours) 13 / 21

  23. Correlation Analysis Supervised correlation analysis to identify connections (up to set of three connections) which occur only during the time of an event. 1. Extract time of events (i.e. ground-truth ) 14 / 21

  24. Correlation Analysis Supervised correlation analysis to identify connections (up to set of three connections) which occur only during the time of an event. 1. Extract time of events (i.e. ground-truth ) 2. Parse connection logs and extract connections 14 / 21

  25. Correlation Analysis Supervised correlation analysis to identify connections (up to set of three connections) which occur only during the time of an event. 1. Extract time of events (i.e. ground-truth ) 2. Parse connection logs and extract connections 3. For each type of event, generate frequency count per connection 14 / 21

  26. Correlation Analysis Supervised correlation analysis to identify connections (up to set of three connections) which occur only during the time of an event. 1. Extract time of events (i.e. ground-truth ) 2. Parse connection logs and extract connections 3. For each type of event, generate frequency count per connection 4. Identify connections with high correlations 14 / 21

  27. Findings ◮ Mode Transition ◮ Home − > Auto-Away : set of 3 connections ◮ Auto-Away − > Home : single connection ◮ NTP requests ◮ Pathlight Activation ◮ Smoke Alarm ◮ set of 2 connections 15 / 21

  28. NTP Traffic 16 / 21

  29. Evaluation ◮ Mode Transition Home − > Auto-Away : 67% accuracy, 0 False Positives Auto-Away − > Home : 88% accuracy, 0 False Positives ◮ NTP Requests simple SVM approach (features = number of NTP requests per hour period) 81% accuracy ◮ Pathlight Activation 50% accuracy (100% sensitivity), 0 False Negative FP due to repeated connections after 30 minutes ◮ Smoke Alarm 100% accuracy 17 / 21

  30. Limitations ◮ lack of flexibility for connection sizes 18 / 21

  31. Limitations ◮ lack of flexibility for connection sizes ◮ time dependency 18 / 21

  32. Limitations ◮ lack of flexibility for connection sizes ◮ time dependency ◮ no WPA/WEP encryption 18 / 21

  33. Limitations ◮ lack of flexibility for connection sizes ◮ time dependency ◮ no WPA/WEP encryption ◮ source of False Positives and False Negatives 18 / 21

  34. What can be done? Previously proposed countermeasures include: ◮ Morphing ◮ Injecting Bogus Traffic ◮ Padding BUT... must consider that IoT devices have limited resources 19 / 21

  35. Future Work ◮ Apply signal processing techniques to model state of devices ◮ Study defense mechanisms 20 / 21

  36. Thank you! bcopos@ucdavis.edu This work was made possible by the RISE project and NSF SaTC . 21 / 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is a Loxone Smart Home? A Home That Takes Care Of Itself Life at home is like flying on

What is a Loxone Smart Home? A Home That Takes Care Of Itself Life at home is like flying on

What is a Loxone Smart Home? A Home That Takes Care Of Itself Life at home is like flying on autopilot! My Loxone Smart Home and I think alike. If I ever want to change something, a single press on a switch is enough. Simple To Use

95 views • 9 slides
HOME CENTER 2 FIBARO SYSTEM Get to know FIBARO home FIBARO smart home is a complex ecosystem,

HOME CENTER 2 FIBARO SYSTEM Get to know FIBARO home FIBARO smart home is a complex ecosystem,

HOME CENTER 2 FIBARO SYSTEM Get to know FIBARO home FIBARO smart home is a complex ecosystem, but at the same time, its easy to install and manage. It can be customized and adjusted to the specifjc need of each room or space. Home

418 views • 17 slides
Smart Proactive Homes Live independently at home for longer ProActivated will turn your own

Smart Proactive Homes Live independently at home for longer ProActivated will turn your own

Smart Proactive Homes Live independently at home for longer ProActivated will turn your own home in a smart home. Combining new and innovative technology with our smart software allows your home to deliver support in your daily life.

428 views • 20 slides
A true game-changer of smart home market! Explore the most advanced gateway Home Center 3 is the

A true game-changer of smart home market! Explore the most advanced gateway Home Center 3 is the

A true game-changer of smart home market! Explore the most advanced gateway Home Center 3 is the worlds most advanced smart home gateway enabling intuitive home management. It is a result of our 10 years of experience and numerous comments

190 views • 17 slides
Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina

Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina

Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina Markopoulou, and Brian Demsky Smart Home 2 Smart Home Smart Plugs 2 Smart Home Smart Plugs Light Bulbs 2 Smart Home Smart Plugs Light Bulbs

1.92k views • 146 slides
Security Architecture for the Smart Home Jacob Fahrenkrug, CTO at yetu AG

Security Architecture for the Smart Home Jacob Fahrenkrug, CTO at yetu AG

Security Architecture for the Smart Home Jacob Fahrenkrug, CTO at yetu AG jacob.fahrenkrug@yetu.com http://yetu.com twitter: @yetuAG, @jacobfahrenkrug 2 Definition of Smart Home 3 Smart Home is not home automation! 4 5 6

243 views • 23 slides
ABOUT US Larnitech is a developer and manufacturer of Smart Home systems for home and

ABOUT US Larnitech is a developer and manufacturer of Smart Home systems for home and

ABOUT US Larnitech is a developer and manufacturer of Smart Home systems for home and office automation. The head office of the company is located in Cologne (Germany). Our new product line combines easy mounting and installation with a

557 views • 52 slides
Video Broadband Voice In Home In Home In Home Out of Home Out of Home Out of Home Safe

Video Broadband Voice In Home In Home In Home Out of Home Out of Home Out of Home Safe

April 2013 Video Broadband Voice In Home In Home In Home Out of Home Out of Home Out of Home Safe Harbor Cautionary Statement Concerning Forward Looking Statements Certain statements contained herein may constitute forward - looking

567 views • 32 slides
The potential and challenges of inferring thermal comfort at home using commodity sensors

The potential and challenges of inferring thermal comfort at home using commodity sensors

The potential and challenges of inferring thermal comfort at home using commodity sensors Chuan-Che (Jeff) Huang Rayoung Yang Mark W. Newman Understand the connection between psychological and physiological factors You seem to feel cool,

770 views • 57 slides
Surveillance & Home Automation for the Smart Home AllJoyn and Kalay Integration Yuping

Surveillance & Home Automation for the Smart Home AllJoyn and Kalay Integration Yuping

Surveillance & Home Automation for the Smart Home AllJoyn and Kalay Integration Yuping Tseng Chief Technology Officer ThroughTek Co., Ltd. 10/15/2015 AllSeen Alliance 1 Agenda 1. Introduction About ThroughTek 2. Kalay Platform &

258 views • 25 slides
Implementations of Smart Home Integrations ICECCS18, 12 December 2018 Kulani Mahadewa,

Implementations of Smart Home Integrations ICECCS18, 12 December 2018 Kulani Mahadewa,

HomeScan: Scrutinizing Implementations of Smart Home Integrations ICECCS18, 12 December 2018 Kulani Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Jin Song Dong and Zhenkai Liang 1 Background IoT-enhanced smart home is getting popular

702 views • 30 slides
Security Analysis of Emerging Smart Home Applications Earlence Fernandes, Jaeyeon Jung, Atul

Security Analysis of Emerging Smart Home Applications Earlence Fernandes, Jaeyeon Jung, Atul

Security Analysis of Emerging Smart Home Applications Earlence Fernandes, Jaeyeon Jung, Atul Prakash IEEE Security and Privacy 24 May 2016 Smart Door Locks CO Sensors Connected Ovens Smart Plugs IP Cameras Emerging Smart Home Frameworks

502 views • 35 slides
Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption Nat M.

Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption Nat M.

Do Privacy and Security Matter to Everyone? Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption Nat M. Barbosa , Zhuohao Zhang, Yang Wang The Smart Home Adoption-Concern Conundrum

639 views • 10 slides
for STB and Home Gateway How could STB and Home Gateway manufacturers add value to their products

for STB and Home Gateway How could STB and Home Gateway manufacturers add value to their products

Media Network Solutions for STB and Home Gateway How could STB and Home Gateway manufacturers add value to their products and services? Companies aspire to provide services that meet their client`s needs. They try to offer a smart solution to

331 views • 17 slides
The Desirable Home The three factors in selling a home H Home buying is an emotional

The Desirable Home The three factors in selling a home H Home buying is an emotional

The Desirable Home The three factors in selling a home H Home buying is an emotional practical decision 1) Exposure to potential buyers 2) Presentation of home 3)PRICE How To Get Buyers To Hate Your Home House Odors Smoke

137 views • 13 slides
Home is Where Your Phone is: Usability Evaluation of Mobile Phone UI for a Smart Home Tiiu

Home is Where Your Phone is: Usability Evaluation of Mobile Phone UI for a Smart Home Tiiu

Home is Where Your Phone is: Usability Evaluation of Mobile Phone UI for a Smart Home Tiiu Koskela, Kaisa Vnnen-Vainio-Mattila & Lauri Lehti Tampere University of Technology Tiiu.Koort@nokia.com Kaisa.Vaananen-Vainio-Mattila@tut.fi

312 views • 5 slides
Smart Infrastructure for Urban Mobility Stephen F. Smith TRAFFIC CONGESTION costs $121 billion

Smart Infrastructure for Urban Mobility Stephen F. Smith TRAFFIC CONGESTION costs $121 billion

Technologies for Safe and Efficient Transportation Smart Infrastructure for Urban Mobility Stephen F. Smith TRAFFIC CONGESTION costs $121 billion per year in the US produces 56 billion pounds of CO 2 annually 40% 40% of of time ime spent

267 views • 11 slides
A Realistic Dataset for the Smart Home Device Scheduling Problem for DCOPs William Kluegel 1 ,

A Realistic Dataset for the Smart Home Device Scheduling Problem for DCOPs William Kluegel 1 ,

A Realistic Dataset for the Smart Home Device Scheduling Problem for DCOPs William Kluegel 1 , Muhammad Iqbal 1 , Ferdinando Fioretto 2 , William Yeoh 1 , Enrico Pontelli 1 1 New Mexico State University 2 University of Michigan May, 2017

287 views • 28 slides
A Tool for Enabling Anticipatory Thinking in Smart City Planning Muhammad Shahzad (CSC, NCSU)

A Tool for Enabling Anticipatory Thinking in Smart City Planning Muhammad Shahzad (CSC, NCSU)

Computer Science A Tool for Enabling Anticipatory Thinking in Smart City Planning Muhammad Shahzad (CSC, NCSU) Yannis Viniotis (ECE, NCSU) Kathleen Vogel (PP, UMD) Computer Science Agenda Introduction of Anticipatory Thinking

357 views • 21 slides
Sensor Drift Calibration via Spatial Correlation Model in Smart Building Tinghuan Chen 1 Bingqing

Sensor Drift Calibration via Spatial Correlation Model in Smart Building Tinghuan Chen 1 Bingqing

Sensor Drift Calibration via Spatial Correlation Model in Smart Building Tinghuan Chen 1 Bingqing Lin 2 Hao Geng 1 Bei Yu 1 1 Chinese University of Hong Kong, Hong Kong 2 Shenzhen University, China 1 / 19 Smart Building and Cyber-Physical System

417 views • 19 slides
Cede Review and You How to Navigate this Evolving New World of IRB Review MATTHEW

Cede Review and You How to Navigate this Evolving New World of IRB Review MATTHEW

Cede Review and You How to Navigate this Evolving New World of IRB Review MATTHEW OGRODNIK, MS, CIP DIRECTOR INSTITUTIONAL REVIEW BOARD BOSTON MEDICAL CENTER AND BOSTON UNIVERSITY MEDICAL CAMPUS Ceding Review and SMART IRB Learning

663 views • 44 slides
Query Processing on Smart SSDs Opportunities and Challenges Jaeyoung Do 1 , Yang Seok Ki 2 ,

Query Processing on Smart SSDs Opportunities and Challenges Jaeyoung Do 1 , Yang Seok Ki 2 ,

Query Processing on Smart SSDs Opportunities and Challenges Jaeyoung Do 1 , Yang Seok Ki 2 , Jignesh M. Patel 1 , Chanik Park 2 , Kwanghyun Park 1 , David J. DeWitt 3 1 University of Wisconsin Madison Contact: 2 Samsung Semiconductor Inc.

481 views • 30 slides
Trust in Smart Contracts is a Process, As Well F IRAS AL-KHALIL, TOM BUTLER, LEONA OBRIEN, AND

Trust in Smart Contracts is a Process, As Well F IRAS AL-KHALIL, TOM BUTLER, LEONA OBRIEN, AND

Tools for Developers Tools for Lawyers Trust in Smart Contracts is a Process, As Well F IRAS AL-KHALIL, TOM BUTLER, LEONA OBRIEN, AND MARCELLO CECI Governance, Risk, and Compliance Technology Center University College Cork Cork, Ireland 1 st

397 views • 36 slides
WORK SMART: APPLYING PROJECT MANAGEMENT TECHNIQUES TO LIBRARY PROJECTS MICHAEL PERRY

WORK SMART: APPLYING PROJECT MANAGEMENT TECHNIQUES TO LIBRARY PROJECTS MICHAEL PERRY

WORK SMART: APPLYING PROJECT MANAGEMENT TECHNIQUES TO LIBRARY PROJECTS MICHAEL PERRY NORTHWESTERN UNIVERSITY LIBRARY ABOUT ME Michael Perry Head of Assessment and Planning 6+ years project management experience Northwestern University

539 views • 19 slides

More recommend