Privacy leakages in Smart Home wireless technologies

The concept of Smart Home where appliances, sensors, actuators, displays and computing resources are connected and interact to support the life of the citizen is being increasingly researched. In this context, the Wi-Fi communication technology has grown to become the de-facto standard for data communications in Smart Home environments, with cordless telephony being dominated by the DECT protocol. Even though both technologies incorporate sets of security features aimed at securing the confidentiality and integrity of the communications, the nature and the design of both radio-frequency protocols make them vulnerable, up to a certain extent, to privacy leakages through traffic analysis attacks. In this paper we explore the information leakage vulnerabilities inherent to these technologies and their potential impact on citizens' privacy in the context of the Smart Home. We demonstrate how the websites visited by a smart device can be inferred by applying machine learning and pattern matching techniques to eavesdropped encrypted traffic.

[1]  H. Vincent Poor,et al.  Smart Meter Privacy: A Theoretical Framework , 2013, IEEE Transactions on Smart Grid.

[2]  Andrew R. Webb,et al.  Statistical Pattern Recognition: Webb/Statistical Pattern Recognition , 2011 .

[3]  Andreas Pitsillides,et al.  Survey in Smart Grid and Smart Home Security: Issues, Challenges and Countermeasures , 2014, IEEE Communications Surveys & Tutorials.

[4]  F. Aldrich Smart Homes: Past, Present and Future , 2003 .

[5]  Erik Tews,et al.  Cryptanalysis of the DECT Standard Cipher , 2010, FSE.

[6]  Shigeo Abe DrEng Pattern Classification , 2001, Springer London.

[7]  N. Altman An Introduction to Kernel and Nearest-Neighbor Nonparametric Regression , 1992 .

[8]  Kamin Whitehouse,et al.  Protecting your daily in-home activity information from a wireless snooping attack , 2008, UbiComp.

[9]  Eric Campo,et al.  A review of smart homes - Present state and future challenges , 2008, Comput. Methods Programs Biomed..

[10]  Xianbin Wang,et al.  Security and privacy considerations for Wireless Sensor Networks in smart home environments , 2012, Proceedings of the 2012 IEEE 16th International Conference on Computer Supported Cooperative Work in Design (CSCWD).

[11]  Rui Wang,et al.  Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow , 2010, 2010 IEEE Symposium on Security and Privacy.

[12]  Gianmarco Baldini,et al.  Experimental passive eavesdropping of Digital Enhanced Cordless Telecommunication voice communications through low-cost software-defined radios , 2015, Secur. Commun. Networks.

[13]  J. Wade Davis,et al.  Statistical Pattern Recognition , 2003, Technometrics.

[14]  Erik Tews,et al.  Attacks on the DECT Authentication Mechanisms , 2009, CT-RSA.