PingPong: Packet-Level Signatures for Smart Home Device Events
This addresses security vulnerabilities in smart home devices for users and manufacturers, though it is an incremental improvement on existing traffic analysis methods.
The paper tackles the problem of passive inference attacks on smart home devices by presenting PINGPONG, a tool that automatically extracts packet-level signatures for device events from network traffic, achieving over 97% average recall in detecting devices or specific events.
Smart home devices are vulnerable to passive inference attacks based on network traffic, even in the presence of encryption. In this paper, we present PINGPONG, a tool that can automatically extract packet-level signatures for device events (e.g., light bulb turning ON/OFF) from network traffic. We evaluated PINGPONG on popular smart home devices ranging from smart plugs and thermostats to cameras, voice-activated devices, and smart TVs. We were able to: (1) automatically extract previously unknown signatures that consist of simple sequences of packet lengths and directions; (2) use those signatures to detect the devices or specific events with an average recall of more than 97%; (3) show that the signatures are unique among hundreds of millions of packets of real world network traffic; (4) show that our methodology is also applicable to publicly available datasets; and (5) demonstrate its robustness in different settings: events triggered by local and remote smartphones, as well as by homeautomation systems.