Protecting your daily in home activity information from a wireless snooping attack
Download
1 / 26

Protecting your Daily In-home Activity Information from a ... - PowerPoint PPT Presentation


  • 324 Views
  • Uploaded on

Protecting your Daily In-home Activity Information from a Wireless Snooping Attack Vijay Srinivasan, John Stankovic, Kamin Whitehouse University of Virginia Attacking Residential Wireless Ubiquitous systems

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Protecting your Daily In-home Activity Information from a ...' - Lucy


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Protecting your daily in home activity information from a wireless snooping attack l.jpg

Protecting your Daily In-home Activity Information from a Wireless Snooping Attack

Vijay Srinivasan, John Stankovic, Kamin Whitehouse

University of Virginia


Attacking residential wireless ubiquitous systems l.jpg
Attacking Residential Wireless Ubiquitous systems Wireless Snooping Attack

  • Residential wireless ubiquitous systems that track Activities of Daily Living are growing in number

    • Elderly monitoring: University of Virginia’s ALARMNET, Harvard’s CodeBlue

    • Home security / automation: 5 million X10 systems in the US

  • We present a new wireless snooping attack that infers surprisingly detailed daily activities of residents such as Showering and Cooking in spite of encryption

    • On existing and future systems around the world including possibly your home

  • We present privacy preserving guidelines to protect your activity details from this attack


Fats attack f ingerprint a nd t iming based s noop attack l.jpg
FATS Attack - Wireless Snooping AttackFingerprint And Timing-based Snoop attack

  • Input: Series of (Timestamp,Fingerprint) pairs

  • Wireless Fingerprinting

    • Uses Physical Characteristics of transmissions to differentiate radio sources

    • Demonstrated on WiFi radios, Bluetooth radios and the mica mote’s CC1000 radios

Adversary

Fingerprint and Timestamp Snooping Device

Bedroom #2

Kitchen

Locations and

Sensor Types

Timestamps

Fingerprints

Bathroom

T1

T2

T3

?

?

?

Living Room

Bedroom #1

Front Door


Fats attack f ingerprint a nd t iming based s noop attack4 l.jpg
FATS Attack - Wireless Snooping AttackFingerprint And Timing-based Snoop attack

  • Output: Activities of Daily Living (ADLs) inferred by FATS Inference Algorithm:

    • Sleeping, Home Occupancy

    • Bathroom and Kitchen Visits

    • Bathroom Activities: Showering, Toileting, Washing

    • Kitchen Activities: Cooking hot and cold food

  • High level medical information inference possible

  • HIPAA requires healthcare providers to protect this information

Adversary

Fingerprint and Timestamp Snooping Device

Locations and

Sensor Types

Timestamps

Fingerprints

T1

T2

T3

?

?

?


Rest of talk l.jpg
Rest of talk Wireless Snooping Attack

  • FATS Inference Algorithm – Design and Evaluation

  • Privacy Preservation guidelines

  • Related Work

  • Conclusion


Deployment details for fats demonstration l.jpg
Deployment Details for FATS Demonstration Wireless Snooping Attack

  • Eight homes deployed with wireless X10 sensors for at least 7 days with an X10 receiver to record messages

  • Four diverse single person homes, four diverse multi-person homes


Fats inference algorithm l.jpg
FATS Inference Algorithm Wireless Snooping Attack

  • We will now see how to get from the primitive timestamps and fingerprints to the detailed resident activities!

  • Four Tiers in the Inference Algorithm

    • Each Tier adds more information for the adversary


Tier 0 simple event detection using timestamps alone l.jpg
Tier 0 – Simple Event Detection using Timestamps alone Wireless Snooping Attack

Use long silence periods during

the day and night to identify

away and sleeping events

Home, Away

and Sleep

Events

Activity Intervals

Tier 0 Activity Detection

Timestamps of all sensor firings

Time of day from 0 hours (12 AM)


Tier i sensor clustering l.jpg
Tier I – Sensor Clustering Wireless Snooping Attack

Sensor Cluster #3

Use K-means Clustering Algorithm

Sensor Cluster = Sensors from a specific room

Sensor Cluster #2

Tier I Sensor Clustering

Wireless Fingerprints

Home, Away

and Sleep

Events

Activity Intervals

Sensor Cluster #1

Tier 0 Activity Detection

Timestamps of all sensor firings

Time of day from 0 hours (12 AM)


Tier ii room classification l.jpg
Tier II Room Classification Wireless Snooping Attack

Use bi partite matching classifier to

label sensor clusters by comparing

sensor firing patterns in these rooms

to trained models for rooms

Sensor Cluster #3

Bathroom

Bathroom and

Kitchen Visits

Room Labels on Clusters

Tier II Room Classification

Kitchen

Sensor Cluster #2

Sensor Clusters

Tier I Sensor Clustering

Wireless Fingerprints

Home, Away

and Sleep

Events

Activity Intervals

Living room/

Bedroom

Sensor Cluster #1

Tier 0 Activity Detection

Timestamps of all sensor firings

Time of day from 0 hours (12 AM)


Tier iii sensor classification l.jpg
Tier III – Sensor Classification Wireless Snooping Attack

Use LDA (Linear Discriminant Analysis) Classifierby

comparing sensor firing patterns to trained models for sensors

Flush Sensor

Detailed Activities:

Showering,

Cooking etc

Sink Sensor

Sensor Labels

Bathroom

Shower Sensor

Tier III Sensor Classification

Motion Sensor

Refrigerator Sensor

Bathroom and

Kitchen Visits

Room Labels on Clusters

Microwave Sensor

Tier II Room Classification

Pantry Sensor

Kitchen

Stove Sensor

Sensor Clusters

Sink Sensor

Motion Sensor

Tier I Sensor Clustering

Wireless Fingerprints

Front Door

Home, Away

and Sleep

Events

Activity Intervals

Main Room -> Bathroom Door

Living room/

Bedroom

Motion Sensor

Tier 0 Activity Detection

Timestamps of all sensor firings

Time of day from 0 hours (12 AM)


Tier iii output activity classifier l.jpg
Tier III Output - Activity Classifier Wireless Snooping Attack

Showering

Washing

Toileting

Flush Sensor

Detailed Activities:

Showering, Cooking …

Sink Sensor

Bathroom

Shower Sensor

Activity Classifier

Motion Sensor

Refrigerator Sensor

Tier III Sensor Labels

Microwave Sensor

Pantry Sensor

Compute counts of various

known sensors firing in each temporal

activity cluster using sensor labels

from Tier III

Kitchen

Cooking hot food

Stove Sensor

Sink Sensor

Motion Sensor

Assign activity labels using LDA

Classifierby comparing firing counts

to trained models for activities

Front Door

Living room/

Bedroom

Main Room -> Bathroom Door

Motion Sensor

Temporal Activity

Clusters

Temporal Activity Cluster

= Chunk of Human Activity in room

Time of day from 0 hours (12 AM)


Best case evaluation of tier 0 tier ii and tier iii activity detection l.jpg
Best Case Evaluation of Wireless Snooping AttackTier 0, Tier II and Tier III Activity Detection

  • Tier 0 Simple Home Occupancy and Sleep Events Detected with at least 90%

  • duration Accuracy across all homes

Single Person Homes

True Positive Rate

Event Detection Rate

Duration Accuracy

Tier III Detailed Activities

Tier II Room Visits


Rest of talk14 l.jpg
Rest of talk Wireless Snooping Attack

  • FATS Inference Algorithm – Design and Evaluation

  • Privacy Preservation guidelines

  • Related Work

  • Conclusion


Privacy preservation guidelines overview l.jpg
Privacy Preservation guidelines Overview Wireless Snooping Attack

  • Privacy preservation techniques to incorporate in future wireless ubiquitous systems

    • Signal Attenuators

    • Random delays

    • Periodic transmissions

    • Fingerprint masking

  • We show that a hybrid solution with several of the above techniques is most effective


Privacy preservation guideline 1 signal attenuators l.jpg
Privacy Preservation Guideline #1 Wireless Snooping AttackSignal Attenuators

  • Hide nodes/packets from the snooping adversary

  • Reduce Transmission Power

    • Multi-hop routing

  • Wired connections

    • Deployment cost

  • Faraday cages

    • High deployment cost

  • Deploy in specific rooms such as bathroom or kitchen where many activities occur

Flush Sensor

Sink Sensor

Bathroom

Shower Sensor

Motion Sensor

Refrigerator Sensor

Microwave Sensor

Pantry Sensor

Kitchen

Stove Sensor

Sink Sensor

Motion Sensor

Front Door

Living room/

Bedroom

Main Room -> Bathroom Door

Motion Sensor


Privacy preservation guideline 2 random delays l.jpg
Privacy Preservation Guideline #2 Wireless Snooping AttackRandom Delays

U(0,D)

  • Add a random delay U(0,D) to sensor transmissions bounded by a maximum tolerable delay D

  • Challenges

    • Not Applicable to real-time sensors, fall detection

  • Effective at hiding short duration Tier II/III activities in bathroom and kitchen

  • Not as good at hiding long duration Tier 0 sleep and home occupancy events

Flush Sensor

d

Sink Sensor

Bathroom

Shower Sensor

Motion Sensor

Refrigerator Sensor

Microwave Sensor

Pantry Sensor

Kitchen

Stove Sensor

Sink Sensor

Motion Sensor

Front Door

Living room/

Bedroom

Main Room -> Bathroom Door

Motion Sensor


Privacy preservation guideline 3 fingerprint masking l.jpg
Privacy Preservation Guideline #3 Wireless Snooping AttackFingerprint Masking

Common Radio Source

  • Hide the true fingerprints

    • Using potentiometers in radio circuitry

    • Wiring together multiple radio sources

  • Challenges

    • Changes to existing radio hardware

    • Arms Race Scenario

Flush Sensor

Sink Sensor

Bathroom

Shower Sensor

Motion Sensor

Refrigerator Sensor

Microwave Sensor

Pantry Sensor

Kitchen

Stove Sensor

Sink Sensor

Motion Sensor

Front Door

Living room/

Bedroom

Main Room -> Bathroom Door

Motion Sensor


Privacy preservation guideline 4 periodic transmissions l.jpg
Privacy Preservation Guideline #4 Wireless Snooping AttackPeriodic Transmissions

  • Constant Input guarantees 100% privacy

  • Challenges

    • Not Applicable to Real-Time sensors

    • More suited to low bandwidth data sensors

  • Surprisingly low power cost for low bandwidth data sensors

    • Only 9% Reduction in node lifetime for the Telos mote with ON/OFF sensor with a period of 10 seconds


Performance of individual solutions at select points l.jpg
Performance of Individual Solutions at Select Points Wireless Snooping Attack

  • Periodic Transmissions on Living room and Bedroom sensors degrades Tier 0 duration accuracy to about 47%

Percentage Accuracy(%)

20 minute

Random Delays

40% Fingerprint

Masking

40% Signal

Attenuation


Hybrid solutions performance l.jpg
Hybrid Solutions - Performance Wireless Snooping Attack

  • Periodic Transmissions enforced on living and bedroom sensors

  • Random delays, signal attenuators etc implemented on bathroom and kitchen sensors

  • Much better than individual solutions

Percentage Accuracy(%)

Periodic Transmissions

+

20 minute Random

Delays

Periodic Transmissions

+

40% Signal

Attenuation

Periodic Transmissions

+

40% Fingerprint Masking

Periodic Transmissions

+

20% Fingerprint Masking +

20% Signal Attenuation


Rest of talk22 l.jpg
Rest of talk Wireless Snooping Attack

  • FATS Inference Algorithm – Design and Evaluation

  • Privacy Preservation guidelines

  • Related Work

  • Conclusion


Related work l.jpg
Related Work Wireless Snooping Attack

  • Side Channel Privacy Attacks:

    • Infer private information by observing how the system operates, eg)Tempest Attack

  • Traffic Analysis:

    • Unlike FATS, most related work, Kamat et al (2005), deal with multi-hop attacks and countermeasures at the routing layer

    • Unlike FATS, existing single hop attacks, Yang et al (WiSec 2008), consider timing based single hop attacks but ignore the wireless fingerprints input

  • FATS is the first attack to combine transmission timestamps with wireless fingerprints to demonstrate a serious privacy leak in single hop activity monitoring wireless systems


Conclusion l.jpg
Conclusion Wireless Snooping Attack

  • We demonstrated a powerful new privacy attack on wireless home sensor systems that infers detailed resident activities in spite of encryption using just low level wireless fingerprints and timestamps

    • With consistently high accuracy across diverse single and multi-person homes with diverse residents

  • We propose a set of privacy solutions and propose a hybrid approach to make the attack ineffective

  • FATS attack may become increasingly important as wireless ubiquitous systems become more ubiquitous

    • Offices or manufacturing plants for industrial espionage

    • Urban scale wireless systems for people tracking


Slide25 l.jpg

Thank you Wireless Snooping Attack

Questions?


Tier ii and tier iii activity detection using timestamps and fingerprints l.jpg
Tier II and Tier III Activity Detection using Timestamps Wireless Snooping Attackand Fingerprints

Multi Person Homes

True Positive Rate

Event Detection Rate

Duration Accuracy

Tier II Room Visits

Tier III Activities


ad