The Dark (and Bright) Side of IoT: Attacks and Countermeasures for Identifying Smart Home Devices and Services
This work addresses privacy vulnerabilities in IoT smart home devices, showing that standard encryption is insufficient, which is an incremental but important contribution to security research.
The authors developed a machine learning attack that uses network traffic patterns to detect and identify specific smart home IoT devices and their services in WiFi environments, achieving detection with overwhelming probability, and introduced Eclipse as a countermeasure to mitigate such attacks by reshaping traffic.
We present a new machine learning-based attack that exploits network patterns to detect the presence of smart IoT devices and running services in the WiFi radio spectrum. We perform an extensive measurement campaign of data collection, and we build up a model describing the traffic patterns characterizing three popular IoT smart home devices, i.e., Google Nest Mini, Amazon Echo, and Amazon Echo Dot. We prove that it is possible to detect and identify with overwhelming probability their presence and the services running by the aforementioned devices in a crowded WiFi scenario. This work proves that standard encryption techniques alone are not sufficient to protect the privacy of the end-user, since the network traffic itself exposes the presence of both the device and the associated service. While more work is required to prevent non-trusted third parties to detect and identify the user's devices, we introduce Eclipse, a technique to mitigate these types of attacks, which reshapes the traffic making the identification of the devices and the associated services similar to the random classification baseline.