ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Protecting your daily in-home activity information from a wireless snooping attack
Full text PdfPdf (694 KB)
Source
UbiComp; Vol. 344 archive
Proceedings of the 10th international conference on Ubiquitous computing table of contents
Seoul, Korea
SESSION: Security and privacy table of contents
Pages 202-211  
Year of Publication: 2008
ISBN:978-1-60558-136-1
Authors
Vijay Srinivasan  University of Virginia
John Stankovic  University of Virginia
Kamin Whitehouse  University of Virginia
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 32,   Downloads (12 Months): 225,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1409635.1409663
What is a DOI?

ABSTRACT

In this paper, we first present a new privacy leak in residential wireless ubiquitous computing systems, and then we propose guidelines for designing future systems to prevent this problem. We show that we can observe private activities in the home such as cooking, showering, toileting, and sleeping by eavesdropping on the wireless transmissions of sensors in a home, even when all of the transmissions are encrypted. We call this the Fingerprint and Timing-based Snooping (FATS) attack. This attack can already be carried out on millions of homes today, and may become more important as ubiquitous computing environments such as smart homes and assisted living facilities become more prevalent. In this paper, we demonstrate and evaluate the FATS attack on eight different homes containing wireless sensors. We also propose and evaluate a set of privacy preserving design guidelines for future wireless ubiquitous systems and show how these guidelines can be used in a hybrid fashion to prevent against the FATS attack with low implementation costs.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Anritsu high performance signal analyser. http://www.scs.carleton.ca/jhall2/Publications/anritsu_us.pdf.
 
2
Assisted living and residential monitoring network project. University of Virginia ALARMNET project, http://www.cs.virginia.edu/wsn/medical/.
 
3
Dark deal hacking wireless video cameras. http://www.g4tv.com/techtvvault/features/46880/.
 
4
Hagai Bar El, Introduction to Side Channel Attacks, http://www.hbarel.com/publications.htm.
 
5
United States department of health and human services, HIPAA regulations and standards. http://www.hhs.gov/ocr/hipaa/.
 
6
X10 home security home automation electronics. http://www.x10.com.
 
7
Toshihiro Takada et al, Proximity mining: Finding proximity using sensor data history. In WMCSA, 2003.
 
8
Jing Deng , Richard Han , Shivakant Mishra, Countermeasures Against Traffic Analysis Attacks in Wireless Sensor Networks, Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks, p.113-126, September 05-09, 2005  [doi>10.1109/SECURECOMM.2005.16]
9
Yi Yang , Min Shao , Sencun Zhu , Bhuvan Urgaonkar , Guohong Cao, Towards event source unobservability with minimum network traffic in sensor networks, Proceedings of the first ACM conference on Wireless network security, March 31-April 02, 2008, Alexandria, VA, USA  [doi>10.1145/1352533.1352547]
10
David L. Chaum, Untraceable electronic mail, return addresses, and digital pseudonyms, Communications of the ACM, v.24 n.2, p.84-90, Feb. 1981  [doi>10.1145/358549.358563]
 
11
F. Dotzer. Privacy issues in vanet. In workshop on Privacy Enhanced Technology, 2005.
 
12
M. Ester, Kriegel, J. Sander, and X. Xu. A density-based algorithm for discovering clusters in large spatial databases with noise. In International Conference on Knowledge Discovery and Data Mining, 1996.
13
Daniel B. Faria , David R. Cheriton, Detecting identity-based attacks in wireless networks using signalprints, Proceedings of the 5th ACM workshop on Wireless security, September 29-29, 2006, Los Angeles, California  [doi>10.1145/1161289.1161298]
 
14
J. Hall, M. Barbeau, and E. Kranakis. Enhancing intrusion detection in wireless networks using radio frequency fingerprinting. In Communications Internet and Information Technology, November 2004.
 
15
J. Hall, M. Barbeau, and E. Kranakis. Detecting rogue devices in bluetooth networks using radio frequency fingerprinting. In IASTED International Conference on Communications and Computer Networks, October 2006.
 
16
Pandurang Kamat , Yanyong Zhang , Wade Trappe , Celal Ozturk, Enhancing Source-Location Privacy in Sensor Network Routing, Proceedings of the 25th IEEE International Conference on Distributed Computing Systems, p.599-608, June 06-10, 2005  [doi>10.1109/ICDCS.2005.31]
 
17
M. Kuhn. Electromagnetic eavesdropping risks of flat-panel displays. In Workshop on Privacy Enhancing Technologies, 2004.
 
18
R. Lim. Wireless fire sensor network demonstrator. Master's thesis, ETH Zurich, 2006.
 
19
B. Logan, J. Healey, M. Philipose, E. M. Tapia, and S. Intille. A long-term evaluation of sensing modalities for activity recognition. In Ubicomp, 2007.
20
Jeffrey Pang , Ben Greenstein , Ramakrishna Gummadi , Srinivasan Seshan , David Wetherall, 802.11 user fingerprinting, Proceedings of the 13th annual ACM international conference on Mobile computing and networking, September 09-14, 2007, Montréal, Québec, Canada  [doi>10.1145/1287853.1287866]
 
21
Parks Associates Research and Analysis for Digital Living. Home security system forecasts: 2005 and beyond, November 2005. http://www.parksassociates.com/research/reports/tocs/2005/security.htm.
 
22
K. B. Rasmussen and S. Capkun. Implications of Radio Fingerprinting on the Security of Sensor Networks. Technical Report 536, ETH Zrich IFW, 2006.
 
23
T. Scott Saponas , Jonathan Lester , Carl Hartung , Sameer Agarwal , Tadayoshi Kohno, Devices that tell on you: privacy trends in consumer ubiquitous computing, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA
 
24
E. M. Tapia, S. S. Intille, and K. Larson. Activity recognition in the home setting using simple and ubiquitous sensors. In Proceedings of PERVASIVE, 2004.
 
25
D. Wyatt, M. Philipose, and T. Choudhury. Unsupervised activity recognition using automatically mined common sense. In AAAI, 2005.

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.1 Network Architecture and Design
          Subjects: Wireless communication

Additional Classification:
  H. Information Systems
  H.m MISCELLANEOUS


General Terms:
Design, Experimentation, Security


Keywords:
activity monitoring, side channel privacy attacks, wireless fingerprinting

Collaborative Colleagues:
Vijay Srinivasan: colleagues
John Stankovic: colleagues
Kamin Whitehouse: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player