Packet Padding for Improving Privacy in Consumer IoT

Traffic analysis of side-channel information represents a major concern in consumer IoT privacy, since it can lead to a leakage of user data and behavior. In this paper, we propose a lightweight padding-based mechanism to obfuscate one type of side-channel information, the packet length, in order to enhance user privacy. A prototype of the mechanism is implemented in a virtual machine along with five different machine learning classifiers, which are used to identify IoT devices by means of packet length patterns. Results show that the packet padding mechanism is able to reduce the accuracy of the classifiers in at least 75%, thus enhancing the privacy of the IoT communication. Additionally, the delay, jitter, throughput and packet loss are used to quantify the impact of the mechanism on the communication performance of the IoT devices. It is shown that the communication overhead generated the by proposed mechanism was kept to a minimum.

[1]  Philipp Winter,et al.  ScrambleSuit: a polymorphic network protocol to circumvent censorship , 2013, WPES.

[2]  Daeyoung Kim,et al.  Internet Traffic Privacy Enhancement with Masking: Optimization and Tradeoffs , 2014, IEEE Trans. Parallel Distributed Syst..

[3]  Nick Feamster,et al.  Spying on the Smart Home: Privacy Attacks and Defenses on Encrypted IoT Traffic , 2017, ArXiv.

[4]  Stefan Savage,et al.  Herd : A Scalable , Traffic Analysis Resistant Anonymity Network for VoIP Systems , 2015 .

[5]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[6]  Thomas Ristenpart,et al.  Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail , 2012, 2012 IEEE Symposium on Security and Privacy.

[7]  Vijay Sivaraman,et al.  Characterizing and classifying IoT traffic in smart cities and campuses , 2017, 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[8]  Brian Neil Levine,et al.  Inferring the source of encrypted HTTP connections , 2006, CCS '06.

[9]  Finn Brunton,et al.  Obfuscation: A User's Guide for Privacy and Protest , 2015 .

[10]  Grenville J. Armitage,et al.  A survey of techniques for internet traffic classification using machine learning , 2008, IEEE Communications Surveys & Tutorials.

[11]  Christian Benvenuti Understanding Linux Network Internals , 2005 .

[12]  A. Nur Zincir-Heywood,et al.  Traffic flow analysis of tor pluggable transports , 2015, 2015 11th International Conference on Network and Service Management (CNSM).

[13]  Jerry Kang Information Privacy in Cyberspace Transactions , 1998 .

[14]  Wojciech Mazurczyk,et al.  PadSteg: introducing inter-protocol steganography , 2013, Telecommun. Syst..