Defending Against Packet-Size Side-Channel Attacks in IoT Networks

Motivated by privacy issues in the Internet of Things (IoT), we generalize a previously proposed privacy-preserving packet obfuscation scheme to guarantee differential privacy. We propose a locally differentially private packet obfuscation mechanism as a defense against packet-size side-channel attacks in IoT networks. We formulate the problem as an optimization over a conditional probability distribution (channel) between the original and obfuscated packet sizes and show that the optimal set of obfuscated packet sizes is a strict subset of the set of original packet sizes. We study the optimal mechanisms for minimizing the (average or min-max) bandwidth overhead subject to a privacy constraint by solving the corresponding (linear or convex) program. We demonstrate our methods on synthetic and real data to illustrate privacy-bandwidth tradeoffs in different settings. Systems with many bandwidth-intensive devices can easily mask low-bandwidth devices. For data collected from actual smart home IoT devices, we show how the packet size distributions become increasingly indistinguishable as the level of privacy protection increases. The proposed mechanism highlights the possibility for bandwidth-constrained users to optimally tune their privacy preferences and trade off privacy with bandwidth.
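To make the channel formulation concrete, the following added example (not code from the paper) measures the local differential privacy level of a packet-size channel and its average bandwidth overhead. The packet sizes, prior, header cost, pad-or-split cost model and the randomized-response channel are all assumptions chosen for illustration; the randomized-response channel is a standard LDP mechanism, not the optimal mechanism the paper derives.

```python
import math

SIZES = [64, 128, 512, 1500]      # constructed packet sizes (bytes)
PRIOR = [0.50, 0.30, 0.15, 0.05]  # constructed P(original size)
HEADER = 40                       # assumed header cost per extra packet (bytes)

def overhead(x, y):
    """Extra bytes when a packet of size x is emitted as size y (assumed cost model)."""
    if y >= x:
        return y - x                        # pad up to y
    n = math.ceil(x / y)                    # split into n packets of size y
    return n * y - x + (n - 1) * HEADER

def ldp_epsilon(Q):
    """Smallest eps with Q[x][y] <= e^eps * Q[x'][y] for all x, x', y (inf if none)."""
    eps = 0.0
    for col in zip(*Q):                     # one column per obfuscated size y
        lo, hi = min(col), max(col)
        if hi == 0:
            continue                        # y is never emitted, no constraint
        if lo == 0:
            return math.inf                 # y rules out some original size entirely
        eps = max(eps, math.log(hi / lo))
    return eps

def avg_overhead(Q, prior=PRIOR, sizes=SIZES):
    """Expected extra bytes per packet under channel Q and the given prior."""
    return sum(p * q * overhead(x, y)
               for p, x, row in zip(prior, sizes, Q)
               for q, y in zip(row, sizes))

def rr_channel(k, eps):
    """k-ary randomized response: keep the true size w.p. e^eps / (e^eps + k - 1)."""
    denom = math.exp(eps) + k - 1
    return [[(math.exp(eps) if i == j else 1.0) / denom for j in range(k)]
            for i in range(k)]

def pad_to_max(k):
    """Deterministic channel that maps every size to the largest one (eps = 0)."""
    return [[1.0 if j == k - 1 else 0.0 for j in range(k)] for _ in range(k)]

def identity(k):
    """No obfuscation: zero overhead, no privacy (eps = inf)."""
    return [[1.0 if i == j else 0.0 for j in range(k)] for i in range(k)]

if __name__ == "__main__":
    k = len(SIZES)
    channels = [("identity", identity(k)), ("pad-to-max", pad_to_max(k))]
    channels += [(f"rr eps={e}", rr_channel(k, e)) for e in (0.5, 1.0, 3.0)]
    for name, Q in channels:
        print(f"{name:12s} eps={ldp_epsilon(Q):6.3f} overhead={avg_overhead(Q):8.1f} B")
```

Running it prints one line per channel, showing overhead falling as the privacy parameter is relaxed.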
