1. bookVolume 2019 (2019): Issue 3 (July 2019)
Journal Details
First Published
16 Apr 2015
Publication timeframe
4 times per year
access type Open Access

Keeping the Smart Home Private with Smart(er) IoT Traffic Shaping

Published Online: 12 Jul 2019
Page range: 128 - 148
Received: 30 Nov 2018
Accepted: 16 Mar 2019
Journal Details
First Published
16 Apr 2015
Publication timeframe
4 times per year

The proliferation of smart home Internet of things (IoT) devices presents unprecedented challenges for preserving privacy within the home. In this paper, we demonstrate that a passive network observer (e.g., an Internet service provider) can infer private in-home activities by analyzing Internet traffic from commercially available smart home devices even when the devices use end-to-end transport-layer encryption. We evaluate common approaches for defending against these types of traffic analysis attacks, including firewalls, virtual private networks, and independent link padding, and find that none sufficiently conceal user activities with reasonable data overhead. We develop a new defense, “stochastic traffic padding” (STP), that makes it difficult for a passive network adversary to reliably distinguish genuine user activities from generated traffic patterns designed to look like user interactions. Our analysis provides a theoretical bound on an adversary’s ability to accurately detect genuine user activities as a function of the amount of additional cover traffic generated by the defense technique.


[1] Antonakakis, M., April, T., Bailey, M., Bernhard, M., Bursztein, E., Cochran, J., Durumeric, Z., Halderman, J. A., Invernizzi, L., Kallitsis, M., et al. Understanding the Mirai botnet. In 26th USENIX Security Symposium (USENIX Security 17) (2017), pp. 1092–1110.Search in Google Scholar

[2] Apthorpe, N., Reisman, D., and Feamster, N. Closing the blinds: Four strategies for protecting smart home privacy from network observers. Workshop on Technology and Consumer Protection (ConPro) (2017).Search in Google Scholar

[3] Apthorpe, N., Reisman, D., and Feamster, N. A smart home is no castle: Privacy vulnerabilities of encrypted IoT traffic. Data and Algorithmic Transparency Workshop (DAT) (2017).Search in Google Scholar

[4] Apthorpe, N., Reisman, D., Sundaresan, S., Narayanan, A., and Feamster, N. Spying on the smart home: Privacy attacks and defenses on encrypted IoT traffic. arXiv preprint arXiv:1708.05044 (2017).Search in Google Scholar

[5] Back, A., Möller, U., and Stiglic, A. Traffic analysis attacks and trade-offs in anonymity providing systems. In International Workshop on Information Hiding (2001), Springer, pp. 245–257.Search in Google Scholar

[6] Bellovin, S. M. A technique for counting natted hosts. In Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment (2002), ACM, pp. 267–272.Search in Google Scholar

[7] Caballero, J., Venkataraman, S., Poosankam, P., Kang, M. G., Song, D., and Blum, A. Fig: Automatic fingerprint generation. In Network and Distributed System Security Symposium (2007).Search in Google Scholar

[8] Cai, X., Nithyanand, R., Wang, T., Johnson, R., and Goldberg, I. A systematic approach to developing and evaluating website fingerprinting defenses. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (2014), ACM, pp. 227–238.Search in Google Scholar

[9] Chirgwin, R. Internet of snitches: anyone who can sniff ’thing’ traffic knows what you’re doing. https://www.theregister.co.uk/2017/05/29/internet_of_snitches_anyone_who_can_get_your_traffic_knows_what_youre_doing/, May 2017. The Register.Search in Google Scholar

[10] Coldewey, D. Internet providers could easily snoop on your smart home. https://techcrunch.com/2017/08/28/study-tracks-what-smart-home-activity-can-be-seen-by-internet-providers, August 2017. TechCrunch.Search in Google Scholar

[11] Copos, B., Levitt, K., Bishop, M., and Rowe, J. Is anybody home? Inferring activity from smart home network traffic. In 2016 IEEE Security and Privacy Workshops (SPW) (2016), IEEE, pp. 245–251.Search in Google Scholar

[12] Datta, T., Apthorpe, N., and Feamster, N. A developer-friendly library for smart home IoT privacy-preserving traffic obfuscation. In Proceedings of the 2018 Workshop on IoT Security and Privacy (2018), ACM, pp. 43–48.Search in Google Scholar

[13] Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., and Halderman, J. A. A search engine backed by Internet-wide scanning. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (2015), ACM, pp. 542–553.Search in Google Scholar

[14] Dyer, K. P., Coull, S. E., Ristenpart, T., and Shrimpton, T. Peek-a-boo, I still see you: Why efficient traffic analysis countermeasures fail. In 2012 IEEE Symposium on Security and Privacy (S&P) (2012), IEEE, pp. 332–346.Search in Google Scholar

[15] Fachkha, C., Bou-Harb, E., Keliris, A., Memon, N. D., and Ahamad, M. Internet-scale probing of cps: Inference, characterization and orchestration analysis. In the Network and Distributed System Security Symposium (NDSS) (2017).Search in Google Scholar

[16] Felten, E. W., and Schneider, M. A. Timing attacks on web privacy. In Proceedings of the 7th ACM Conference on Computer and Communications Security (2000), ACM, pp. 25–32.Search in Google Scholar

[17] Feng, X., Li, Q., Wang, H., and Sun, L. Acquisitional rule-based engine for discovering internet-of-things devices. In 27th USENIX Security Symposium (USENIX Security 18) (2018), pp. 327–341.Search in Google Scholar

[18] Fu, X., Graham, B., Bettati, R., Zhao, W., and Xuan, D. Analytical and empirical analysis of countermeasures to traffic analysis attacks. In Proceedings of the 2003 International Conference on Parallel Processing (2003), IEEE, pp. 483–492.Search in Google Scholar

[19] Gargiulo, M. The future of the VPN market. https://www.forbes.com/sites/forbestechcouncil/2018/07/10/the-future-of-the-vpn-market, July 2018. Forbes.Search in Google Scholar

[20] Gong, X., Borisov, N., Kiyavash, N., and Schear, N. Website detection using remote traffic analysis. In Privacy Enhancing Technologies Symposium (2012), Springer, pp. 58–78.Search in Google Scholar

[21] Grover, S., and Feamster, N. The Internet of un-patched things. FTC PrivacyCon (2016).Search in Google Scholar

[22] Hoffman, P., and McManus, P. DNS Queries over HTTPS (DoH). RFC 8484, RFC Editor, October 2018.Search in Google Scholar

[23] Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D., and Hoffman, P. Specification for DNS over Transport Layer Security (TLS). RFC 7858, RFC Editor, May 2016.Search in Google Scholar

[24] Inverse inc. Fingerbank. https://fingerbank.org/.Search in Google Scholar

[25] Juarez, M., Imani, M., Perry, M., Diaz, C., and Wright, M. Toward an efficient website fingerprinting defense. In European Symposium on Research in Computer Security (2016), Springer, pp. 27–46.Search in Google Scholar

[26] Kastrenakes, J. Project Fi promises privacy with Googlerun VPN. https://www.theverge.com/2018/11/13/18089834/project-fi-enhanced-network-vpn-privacy-google-announcement, November 2018. The Verge.Search in Google Scholar

[27] Kohno, T., Broido, A., and Claffy, K. C. Remote physical device fingerprinting. IEEE Transactions on Dependable and Secure Computing 2, 2 (2005), 93–108.Search in Google Scholar

[28] Liu, J., Zhang, C., and Fang, Y. Epic: A differential privacy framework to defend smart homes against internet traffic analysis. IEEE Internet of Things Journal 5, 2 (2018), 1206–1217.Search in Google Scholar

[29] Mayer, J., Mutchler, P., and Mitchell, J. C. Evaluating the privacy properties of telephone metadata. Proceedings of the National Academy of Sciences 113, 20 (2016), 5536–5541.Search in Google Scholar

[30] Miettinen, M., Marchal, S., Hafeez, I., Asokan, N., Sadeghi, A.-R., and Tarkoma, S. IoT Sentinel: Automated device-type identification for security enforcement in IoT. In Distributed Computing Systems (ICDCS), 2017 IEEE 37th International Conference on (2017), IEEE, pp. 2177–2184.Search in Google Scholar

[31] Murdoch, S. J., and Danezis, G. Low-cost traffic analysis of Tor. In 2005 IEEE Symposium on Security and Privacy (S&P) (2005), IEEE, pp. 183–195.Search in Google Scholar

[32] Nithyanand, R., Cai, X., and Johnson, R. Glove: A bespoke website fingerprinting defense. In Proceedings of the 13th Workshop on Privacy in the Electronic Society (2014), ACM, pp. 131–134.Search in Google Scholar

[33] Park, H., Basaran, C., Park, T., and Son, S. H. Energy-efficient privacy protection for smart home environments using behavioral semantics. Sensors 14, 9 (2014), 16235–16257.Search in Google Scholar

[34] Rist, O. The best VPN routers of 2018. https://www.pcmag.com/roundup/365023/the-best-vpn-routers, November 2018. PCMag.Search in Google Scholar

[35] Schmitt, P., Edmundson, A., and Feamster, N. Oblivious DNS: Practical privacy for DNS queries. arXiv preprint arXiv:1806.00276 (2018).Search in Google Scholar

[36] Shamsi, Z., Cline, D. B., and Loguinov, D. Faulds: A non-parametric iterative classifier for Internet-wide OS fingerprinting. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (2017), ACM, pp. 971–982.Search in Google Scholar

[37] Shamsi, Z., Nandwani, A., Leonard, D., and Loguinov, D. Hershel: Single-packet OS fingerprinting. In ACM SIGMETRICS Performance Evaluation Review (2014), vol. 42, ACM, pp. 195–206.Search in Google Scholar

[38] Shmatikov, V., and Wang, M.-H. Timing analysis in low-latency mix networks: Attacks and defenses. In European Symposium on Research in Computer Security (2006), Springer, pp. 18–33.Search in Google Scholar

[39] Srinivasan, V., Stankovic, J., and Whitehouse, K. Protecting your daily in-home activity information from a wireless snooping attack. In Proceedings of the 10th International Conference on Ubiquitous Computing (2008), ACM, pp. 202–211.Search in Google Scholar

[40] Stark, H. Your Internet provider has already hacked your smart home. https://www.forbes.com/sites/haroldstark/2017/09/14/your-internet-provider-has-already-hacked-your-smart-home, September 2017. Forbes.Search in Google Scholar

[41] Van Den Hooff, J., Lazar, D., Zaharia, M., and Zeldovich, N. Vuvuzela: Scalable private messaging resistant to traffic analysis. In Proceedings of the 25th Symposium on Operating Systems Principles (2015), ACM, pp. 137–152.Search in Google Scholar

[42] Verde, N. V., Ateniese, G., Gabrielli, E., Mancini, L. V., and Spognardi, A. No NAT’d user left behind: Fingerprinting users behind NAT from Netflow records alone. In 34th International Conference on Distributed Computing Systems (ICDCS) (2014), IEEE, pp. 218–227.Search in Google Scholar

[43] Wang, T., Cai, X., Nithyanand, R., Johnson, R., and Goldberg, I. Effective attacks and provable defenses for website fingerprinting. In 23rd USENIX Security Symposium (USENIX Security 14) (2014), pp. 143–157.Search in Google Scholar

[44] Wang, T., and Goldberg, I. On realistically attacking Tor with website fingerprinting. Proceedings on Privacy Enhancing Technologies 2016, 4 (2016), 21–36.Search in Google Scholar

[45] Wang, T., and Goldberg, I. Walkie-talkie: An efficient defense against passive website fingerprinting attacks. In 26th USENIX Security Symposium (USENIX Security 17) (2017), pp. 1375–1390.Search in Google Scholar

[46] Wang, W., Motani, M., and Srinivasan, V. Dependent link padding algorithms for low latency anonymity systems. In Proceedings of the 15th ACM conference on Computer and communications security (2008), ACM, pp. 323–332.Search in Google Scholar

Recommended articles from Trend MD

Plan your remote conference with Sciendo