snooping based privacy attacks based on transmission timing and wireless fingerprinting master’s...
TRANSCRIPT
![Page 1: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/1.jpg)
Snooping based privacy attacks based on transmission timing and
wireless fingerprinting
Master’s project presentation
Vijay Srinivasan
University of Virginia
![Page 2: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/2.jpg)
Indoor Wireless Sensor Systems
• Indoor wireless sensor systems are becoming prevalent and will be more so in the future
• Assisted living facilities– UVa, Harvard, Johns Hopkins
• Home Security/Automation– 5 million X10 deployments
• Industrial automation/monitoring– 20 million Zigbee devices by
2007
• People often assume Encryption = Privacy
![Page 3: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/3.jpg)
FATS Attack• FATS – Finger-print And Timing-based Snoop attack
• Observed Information – “T”– Radio message Timing– “F” – Radio fingerprint
• Inferred Information– # bathroom visits– # kitchen visits– Sleep time– Out time
![Page 4: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/4.jpg)
Related Work• Conventional data privacy ensured through encryption – Culler 2001,
Gligor 2002– Adversary infers desired private data in spite of data encryption (side-channel
attack)
• Lots of work tries to infer activities based on sensors in the home – Tapia 2004
– We are assuming the adversary does not know anything: type, distribution, etc of the sensors
• Multi-hop traffic analysis attacks to infer sender-recipient matching or source location – Chaum 1981, Shi 2006, Deng 2005
– Our traffic analysis uses a snoop device one-hop away from the radio sources and is used to infer resident activity, not sender-recipient matching or source location
• Wireless Fingerprinting demonstrated for 802.11 wi-fi devices and mica motes– Detection Accuracies as high as 93% - Hall 2004, Hall 2006, Capkun 2006– Primarily used to enhance privacy by providing hardware-based authentication– Wireless fingerprinting is used to break privacy, not enhance it
![Page 5: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/5.jpg)
Presentation Outline
• Inference Procedure• Counter attacks• Conclusions & Future Work
![Page 6: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/6.jpg)
Inference Algorithm EvaluationExperimental Setup to obtain algorithm input
• Wireless X-10 deployments in 4 homes with around 15 sensors and one base station receiver per home– Seven day deployments in each home
![Page 7: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/7.jpg)
Inference Procedure
![Page 8: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/8.jpg)
Tier – I
• Assumption 1: – Sensors in the same
room fire at similar times
• Assumption 2:– Sensors in different
rooms fire at different times
– This implies a single person in the building
![Page 9: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/9.jpg)
Sensor Clustering
For each sensor i and j:- = Vector of minimum time distances
between i and j, for all firings of i- = min(median( ),median( ))- = Shortest-Path( )F = Multi-Dimensional-Scaling( )C = cluster(F)
ijT
ijD ijTjiT'ijD ijD
'D
![Page 10: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/10.jpg)
Tier – I: Sensor and Temporal Clustering
Sensor Clustering – Performance
![Page 11: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/11.jpg)
Temporal Clustering
• Separate sensor streams by room
• Use db-scan to identify temporal clusters for each room stream– automatically removes outliers unlike k-means
![Page 12: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/12.jpg)
Tier – II
• Assumption 1: – Different houses have
similar rooms
• Assumption 2: – Similar rooms have
similar usage patterns
![Page 13: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/13.jpg)
Tier – II Cluster to Room Mapping
• Constraints used:– Identify entrance room as the cluster whose sensors fire after
long silence periods during the day– Identify bedroom cluster as the one that fires after long silence
periods during the night or has maximal time length in the night– Identify living room cluster as the one that fires maximally during
the day– Both bathroom and kitchen clusters fire when the resident wakes
up with the bathroom clusters being usually smaller in width
• Classification results: All clusters assigned the correct room labels across the four homes in the best case
![Page 14: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/14.jpg)
Tier – III
• Assumption 1: – Long silence periods
imply sleep or that the person is not home
• Assumption 2:– Tier-II returns correct
temporal clusters for the bathroom and kitchen
![Page 15: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/15.jpg)
Tier-III Inferring Private Variables
• Four private variables Inferred
• Number and timing of bathroom and kitchen visits– Inferred from Tier-II clusters
• Number and timing of sleep and away from home hours– Inferred from long silence periods during the day or
night
![Page 16: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/16.jpg)
Tier III Output – Evaluation Metrics
• Ground truth variables obtained by manual inspection
• We first compute a min cost bipartite matching between ground truth clusters and computed clusters based on – cluster timing and – interval width
• Based on this mapping, we define 3 metrics– Number of false positives – Number of false negatives– Total Interval Error
![Page 17: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/17.jpg)
Inference Algorithm – Performance across 4 homes
![Page 18: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/18.jpg)
Presentation Outline
• Inference Procedure• Counter attacks• Conclusions & Future Work
![Page 19: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/19.jpg)
Counter Attacks 1. Increasing Packet loss ratio
• Obvious solution – prevent adversary from listening to packets by– Reducing transmission power– Introducing Faraday cages
• We evaluate how high the packet loss ratio must be to affect evaluation metrics for private variables shown previously
![Page 20: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/20.jpg)
Counter Attacks 1. Increasing Packet loss ratio
![Page 21: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/21.jpg)
Counter Attacks2. Periodic transmissions
• Assumes tolerable latency bound L• Does not work with real-time or high bandwidth
requirements
Complete privacy
![Page 22: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/22.jpg)
Counter Attacks2. Periodic transmissions
• Energy cost of periodic transmission is negligble for binary sensors with periods of a few seconds
• Telos mote– Wakes up and
transmits every L seconds
– 2*L bits of data over latency period L
• For L=8 seconds, 8.75% reduction in lifetime
![Page 23: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/23.jpg)
Counter Attacks3. Random delay
• Add a random delay to each transmission bounded by tolerable bound
• Leverage tolerable latency bound at lower energy cost
• Same real-time drawback as periodic transmissions
![Page 24: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/24.jpg)
Counter Attacks3. Random delay
![Page 25: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/25.jpg)
Counter Attacks4. Fingerprint masking
• Mask fingerprints in hardware by varying features for each transmission
• Drawbacks– Arms race scenario, unable to predict features
used by an adversary– Not supportable by current hardware– Does not affect inference of sleep and home
occupancy variables
![Page 26: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/26.jpg)
Counter Attacks4. Fingerprint masking
![Page 27: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/27.jpg)
Counter Attacks5. Introducing fake data
• Introduce fake events to hide high level information– Eg) Introduce fake bathroom events if we
need to hide number of bathroom visits
• Arms race problem – Can the adversary filter fake events?
![Page 28: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/28.jpg)
Presentation Outline
• Inference Procedure• Counter attacks• Conclusions & Future Work
![Page 29: Snooping based privacy attacks based on transmission timing and wireless fingerprinting Master’s project presentation Vijay Srinivasan University of Virginia](https://reader036.vdocuments.mx/reader036/viewer/2022062801/56649e2c5503460f94b1b709/html5/thumbnails/29.jpg)
Conclusions and Future work• Demonstrated a novel side-channel privacy
attack based on transmission timing and wireless fingerprinting
• Designed a tiered inference algorithm• Proposed a suite of privacy solutions with
different tradeoffs to address the FATS attack• Current and Future work
– Infer more detailed activity information– Implications of FATS attacks for large scale
mobile systems composed of mobile phone users