FATS Attacks

We demonstrated that we can eavesdrop on wireless devices in a home and extract private information, even when all of the wireless data is encrypted, by relying only on the time at which each message is sent and the fingerprint of each wireless transceiver. Wireless fingerprinting is an established technique that has been demonstrated on 802.11, Bluetooth radios, and Chipcon 1000 radios, and can be used to tell whether subsequent transmissions are from the same or different transceivers. Thus we call this a Fingerprint and Timing-based Snooping (FATS) attack. Our results demonstrate that we can infer when and how often the bathroom and kitchen are visited, when the person is sleeping, and when the home is occupied with 90-100% accuracy. An adversary can potentially infer more private medical or personal information from these primitive variables, especially if stronger assumptions are made. We demonstrate this privacy attack by deploying wireless sensors in four different homes for one week. We also empirically evaluate several possible solutions to this attack and find that each solution has some cost and offers a different trade-off, and that none of them completely solves the problem.
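As an added illustration (not code from the paper or its authors), the sketch below audits a capture of your own deployment to show what survives payload encryption: it reads only a timestamp and a fingerprint label per message. The capture is constructed, and the function names, labels and thresholds are assumptions chosen for the example.

```python
# Constructed capture: (seconds since start of capture, fingerprint label).
# No payload is read. A label only means "same transmitter as before";
# device or room names are never part of the input.
CAPTURE = [
    (25200, "tx-A"), (25240, "tx-A"), (25290, "tx-A"),
    (25800, "tx-B"), (25920, "tx-B"), (26700, "tx-B"),
    (28800, "tx-C"), (63900, "tx-C"),
    (66600, "tx-B"), (66660, "tx-B"), (67800, "tx-B"), (68700, "tx-B"),
    (81900, "tx-A"), (111600, "tx-A"),
]

def bursts(capture, label, merge_s=300):
    """Group one transmitter's messages into bursts separated by > merge_s."""
    times = sorted(t for t, fp in capture if fp == label)
    out = []
    for t in times:
        if out and t - out[-1][1] <= merge_s:
            out[-1][1] = t          # extend the current burst
        else:
            out.append([t, t])      # start a new burst
    return [tuple(b) for b in out]

def silent_windows(capture, min_gap_s=4 * 3600):
    """Intervals of at least min_gap_s in which no transmitter sent anything."""
    times = sorted(t for t, _ in capture)
    return [(a, b) for a, b in zip(times, times[1:]) if b - a >= min_gap_s]

def exposure_report(capture):
    """Summarise what timing plus fingerprint labels reveal on their own."""
    labels = sorted({fp for _, fp in capture})
    return {
        "bursts_per_transmitter": {fp: len(bursts(capture, fp)) for fp in labels},
        "silent_windows": silent_windows(capture),
    }

if __name__ == "__main__":
    report = exposure_report(CAPTURE)
    for fp, n in report["bursts_per_transmitter"].items():
        print(f"{fp}: {n} activity bursts")
    for start, end in report["silent_windows"]:
        print(f"no transmissions for {(end - start) / 3600:.1f} h "
              f"(t={start}..{end})")
```

If a report like this shows per-transmitter burst counts and long silent windows for your own traffic, encryption alone is not hiding activity patterns in that deployment.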

The FATS attack could be mounted against many existing wireless systems that are currently widely deployed throughout the world. Over 32 million homes in the US have security systems [parksAssociates], and many of these use wireless sensors that send out a radio message every time a door or window is opened or closed, or every time something moves inside the home. Over 5 million homes have X10 devices [X10] such as motion sensors, wireless doorbells, appliance controls, wireless smoke detectors, and wireless light switches, and an estimated 20 million ZigBee devices will be deployed by the end of 2007 [beeline]. Applications for assisted living facilities and in-home elderly monitoring are being designed with sensors that detect activity of the medicine cabinet, toilet, shower, sinks, and stove [alarmnet, gatech]. The information we could infer through eavesdropping about bathroom and kitchen usage is the same information that doctors and hospitals are trying to use to identify possible illnesses such as diabetes and dementia [aging]. Diabetes patients may use the bathroom more frequently, and dementia patients may be more likely to skip meals. Thus, this information can be considered private medical information that an elderly monitoring application and other applications are obliged to protect, and not to broadcast onto the public airwaves. FATS attacks could also be used for corporate or international espionage. For example, activity in a certain part of a building could alert a neighboring competitor that a product release date is approaching. Furthermore, an adversary will likely be able to infer more sensitive private variables if stronger assumptions can be made, and the increasing ubiquity of wireless devices in human environments will serve to make such privacy attacks easier.


Vijay Srinivasan, John A. Stankovic and Kamin Whitehouse. Protecting Your Daily In-home Activity Information from a Wireless Snooping Attack. UbiComp '08.

Kamin Whitehouse
Computer Science Department
The University of Virginia
217 Olsson Hall
Charlottesville, Virginia 94720