logo

Method for Countering Snooping-Based Side Channel Attacks in Smart Home Applications

   

Added on  2022-11-13

8 Pages3781 Words311 Views
A Method for Countering Snooping-Based Side
Channel Attacks in Smart Home Applications
Jingsha He, Qi Xiao (&) , and Muhammad Salman Pathan
School of Software Engineering, Beijing Engineering Research Center for IoT
Software and Systems, Beijing University of Technology, Beijing 100124, China
jhe@bjut.edu.cn, xqnssa@emails.bjut.edu.cn,
muhammad.salman@nu.edu.pk
Abstract. In recent years, with the rapid development of the Internet of Things
(IoT), the information technology has been widely used in smart home appli-
cations. On the other hand, smart home technology closely related to peoples
privacy, which is not much considered by smart home vendors, making the
privacy protection of smart home a hot research topic. Traditional encryption
methods can ensure the security of the transmission process, but it can hardly
resist the side channel attacks. Adversaries can analyze the radio frequency
signals of wireless sensors and timestamp series to acquire the Activity of Daily
Living (ADL). The most simple and efficient way to counter side channel attacks
is to add noise into the transmitted data sequence. In this paper, we propose an
improved method based on Logistic Regression (LR), which can be adapted to
network status to protect the privacy of residents in smart home environments.
Compared with other similar approaches, our method has the advantage of low
energy consumption, low latency, strong adaptability and good effect of privacy
protection.
Keywords: Smart home  Side channel attack  Privacy  Logistic Regression
1 Introduction
Smart home is one of the important branches of the Internet of Things (IoT) which
relies on wireless sensors to sense and collect activity and status information. These
sensors can sense particular phenomena, convert the sensed information into data,
process the data and then transmit the data onto a sink node for further analysis [1]. For
example, the measurement of temperature, humidity, luminosity, noise levels, presence,
etc., can provide useful data to interpret a physical activity in space and time in order to
determine the activity of a person and thus can contribute in detecting unusual situa-
tions and emergency cases [2]. The sensed data contains much private information of
the resident, however, while the societal concerns of smart home technology evolution
in relation to the privacy and security of the citizen appear to be still at an embryonic
stage [3]. The acquired ADLs can help to improve the quality of life, but it can also be
exposed to the attacker, therefore, the issue of privacy protection in smart home
environments has become one of the most challenging issues.
© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018
Q. Chen et al. (Eds.): ChinaCom 2016, Part I, LNICST 209, pp. 200207, 2018.
DOI: 10.1007/978-3-319-66625-9_20

Compared to other wireless sensor networks, the type and number of sensors in the
smart home are similar to general homes. And most sensors are operated in the
event-triggered mode, where sensor data is transmitted only when a relevant event is
detected. We can image that when an event occurs, the transmission will be triggered
immediately. While data encryption algorithms can only ensure the security of the
sensor data during the transmission, however the radio frequency of the transmission
can be revealed to the adversary who has the ability to listen to the global transmission
state. The adversary can use a side channel attack method to analyze the transmission
sequence and can acquire the ADLs of the resident. For example, Fingerprint And
Timing-based Snooping (FATS) attacks only need the timestamp and the fingerprint of
each radio message, where a fingerprint is a set of features of an RF waveform that are
unique to a particular transmitter [4]. The most simple and effective method to resist
side channel attacks is to add fake message onto the transmission sequence to make the
adversary unable to distinguish between fake and real messages. However, due to the
limitations of the communication bandwidth, battery energy and computing power of
wireless sensor nodes, the amount of fake data should be added as low as possible.
There has been an extensive study of the approaches to protect the privacy of
residents in a smart home environment. These solutions are mainly based on a fixed
frequency or probability models, thus having the major drawbacks like delaying in
reporting the real events until the next scheduled transmission. For smart home sce-
narios, such delay of reporting real sensed data can cause the degradation of the quality
of service (QoS) in many applications [5]. Some of the applications like intelligent
sensing, the delay can generally not be tolerated, where the states of the sensors must
be received in a real timely fashion for making the corresponding responses. As the
delay problem is concerned, Park et al. proposed an improved method based on
behavioral semantics. But the method heavily depends on the accuracy of prediction, if
the prediction of the next activity provides an inaccurate answer, the added fake
messages will not be enough to affect the statistical analysis. In this paper, we propose
an improved method to resist the side channel attacks based on logistic regression that
can be adapted to the network state. That is, when the traffic is heavy and no ADL
happens, the frequency of adding fake data should be automatically reduced. When the
real event occurs, right time will be chosen to add noise to protect the real events.
The rest of this paper is organized as follows. In Sect. 2, we review some existing
solutions. In Sect. 3, we describe our method in detail. In Sect. 4, we will compare our
method to some other solutions. In Sect. 5, we have given the conclusion of this
approach.
2 Related Work
The ConstRate (Sending packets at a fixed frequency) model, all the sensor nodes send
the packets according to the same transmission intervals. Thus, the real events must
send the packets until the next transmission. So the method can achieve the remarkable
work to resist the static analysis attack. Obviously, the ConstRate model has a con-
genital deficiency: the delay depends on the transmission interval which is half of the
interval. Also it is difficult to determine an appropriate transmission interval in the
A Method for Countering Snooping-Based Side Channel Attacks 201

ConstRate Model. The delay will vary with the time interval. When the time interval
increases, the delay time will also increase. And the amount of fake messages and
additional energy consumption will be increased significantly.
Shao et al. proposed the FitProbRate model that aims to improve the deficiencies of
ConstRate model. The core idea is to make the intervals follow the specific probability
distribution. When a real event occurred, the algorithm will start looking for a mini-
mum interval which obey the distribution of index distribution to send. When the real
event is sparse, the FitProbRate model will get a good performance, and compared with
the ConstRate model the delay will be reduced. On the contrary, the real event trig-
gered frequently, the delay will bigger than other models.
Park et al. proposed a model which based on adding several fake packets to the
transmission sequence [6]. The model adds fake packets lie on the events that will
happen in the future. The first step is to forecast the activity through the status of the
sensor nodes and then the fake messages will be generated according to the prediction.
Even an attacker has the ability to listen to the transmission of all the sensors, it could
only predict the wrong ADLs. However, the shortcoming of the model is that the effect
depends on the answer of the prediction. If the prediction model gives a wrong forecast,
the fake packets will pall on the protection of the ADLs. Obviously, the stability of the
model is lower than these two models mentioned above.
The purpose of adding fake packets to the transmission sequence is to make the
attacker cant pick out the fake packets from all the RF radios. For the top two models
above, the interval of all the packets is obey to the same distribution. It is assumed that
the attacker have the ability to listen to the RF radio of the whole wireless sensor
network. And make the model effectively, the transmission sequence must have the
significant confidence to make sure that the adversary couldnt determine the real radio
is contained in which intervals [7]. That is, if the transmission sequence which contains
the fake packets in sending real messages has the sufficient randomness, the adversary
cannot recognize the fake data from the real messages, and the ADLs of the residents
will be protected. In our method, we have made enough randomness between fake and
real data to ensure the attacker couldnt recognize the fake messages. As for the load of
traffic is concerned, the more closer to the sink node, the larger data is needed to
forward. If all the sensors send the packets follow the same distribution, the sensor
node near the sink node will be too heavy to forward packets. Therefore, it is necessary
to make the sensor node sends fake data packets adaptively according to the network
status.
Considering the particularity of the wireless sensor network and the sensitivity of
the smart home, it is important to think over the privacy, energy consumption and
latency of the WSN while designing the noisy based privacy protection models. For the
effect of privacy protection, the noise data should not be recognized, but also makes the
correct recognition rate of the behavior low enough. In other words, either the iden-
tification of the behavior should be wrong, or cant recognize the true behavior. As for
energy consumption, it cannot be a good privacy protection model, if the implemen-
tation of the model greatly reduces the lifetime of the WSN. We should consider the
average of traffic load to prolong the lifetime of the sensor network. Latency is the main
indicator of the QoS. If the latency is too long, it can lose the meaning of intelligence.
As for the delay, a good model should make the delay as small as possible. Especially
202 J. He et al.

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Internet of Things: Privacy Issues and Contents
|9
|1402
|116

Internet of things - Assignment
|13
|4549
|42

Network and Security
|15
|3266
|22