FATS Attack
In this project, we demonstrate a new privacy leak in residential wireless ubiquitous computing systems, including medical monitoring systems like AlarmNet. We show that we can observe private activities in the home such as cooking, showering, toileting, and sleeping by eavesdropping on the wireless transmissions of sensors in a home, even when all of the transmissions are encrypted. To infer this activity information, an adversary relies only on the time at which each message is sent and the fingerprint of each wireless transceiver, where wireless fingerprinting is an established technique that has been demonstrated on 802.11, Bluetooth radios, and Chipcon 1000 radios, and can be used to tell whether subsequent transmissions are from the same or different transceivers. Thus, we call this the Fingerprint and Timing-based Snooping (FATS) attack. We demonstrated and evaluated the FATS attack using real sensor data from eight different homes containing wireless sensors and found that we can infer a range of daily activities including when and how often the bathroom and kitchen are visited, when the person is sleeping, showering or cooking and when the home is occupied with 90-100% accuracy.
Applications for assisted living facilities and elderly monitoring such as AlarmNet are designing sensors to detect activity of the medicine cabinet, toilet, shower, sinks, and stove. The information we could infer in the FATS attack through eavesdropping about bathroom and kitchen usage is the same information that doctors and hospitals are trying to use to identify possible illnesses such as diabetes and dementia. Diabetes patients may use the bathroom more frequently and dementia patients may be more likely to skip meals. Thus, this information can be considered private medical information that an elderly monitoring application and other applications are obliged to protect, and not to broadcast onto the public airwaves, in accordance with HIPAA regulations.
We propose and evaluate a set of privacy preserving design guidelines for future wireless ubiquitous systems and show how these guidelines can be used in a hybrid fashion to prevent against the FATS attack with low implementation costs. These privacy solutions include radio signal attenuation, introducing random delays or periodic transmissions, fingerprint masking and sending fake messages. The design guidelines that we propose greatly decrease the effectiveness of the FATS attack, reducing the inference accuracy to anywhere from 0 to 15%, while greatly reducing implementation costs.
Lead Researcher
Publications:
- Srinivasan, V., Stankovic, J., and Whitehouse, K. 2008. “Protecting your daily in-home activity information from a wireless snooping attack.” In Proceedings of the 10th international Conference on Ubiquitous Computing (Seoul, Korea, September 21 – 24, 2008). UbiComp ‘08, vol. 344. ACM, New York, NY, 202-211. DOI=http://doi.acm.org/10.1145/1409635.1409663