SniffMislead: Non-intrusive privacy protection against wireless packet sniffers in smart homes

Xuanyu Liu, Qiang Zeng, Xiaojiang Du, Siva Likitha Valluru, Chenglong Fu, Xiao Fu, Bin Luo

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

11 Scopus citations

Abstract

With the booming deployment of smart homes, concerns about user privacy keep growing. Recent research has shown that encrypted wireless traffic of IoT devices can be exploited by packet-sniffing attacks to reveal users' privacy-sensitive information (e.g., the time when residents leave their home and go to work), which may be used to launch further attacks (e.g., a break-in). To address the growing concerns, we propose SniffMislead, a non-intrusive (i.e., without modifying IoT devices, hubs, or platforms) privacy-protecting approach, based on packet injection, against wireless packet sniffers. Instead of randomly injecting packets, which is ineffective against a smarter attacker, SniffMislead proposes the notion of phantom users, "people"who do not exist in the physical world. From an attacker's perspective, however, they are perceived as real users. SniffMislead places multiple phantom users in a smart home, which can effectively prevent an attacker from inferring useful information. We design a top-down approach to synthesize phantom users' behaviors, construct the sequence of decoy device events and commands, and then inject corresponding packets into the home. We show how SniffMislead ensures logical integrity and contextual consistency of injected packets, as well as how it makes a phantom user indistinguishable from a real user. Our evaluation results from a smart home testbed demonstrate that SniffMislead significantly reduces an attacker's privacy-inferring capabilities, bringing the accuracy from 94.8% down to 3.5%.

Original languageEnglish
Title of host publicationProceedings of 2021 24th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2021
Pages33-47
Number of pages15
ISBN (Electronic)9781450390583
DOIs
StatePublished - 6 Oct 2021
Event24th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2021 - Virtual, Online, Spain
Duration: 6 Oct 20218 Oct 2021

Publication series

NameACM International Conference Proceeding Series

Conference

Conference24th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2021
Country/TerritorySpain
CityVirtual, Online
Period6/10/218/10/21

Keywords

  • IoT device
  • Smart home
  • packet-sniffing attack
  • privacy
  • wireless network

Fingerprint

Dive into the research topics of 'SniffMislead: Non-intrusive privacy protection against wireless packet sniffers in smart homes'. Together they form a unique fingerprint.

Cite this