Análise de Vazamentos Temporais Side-Channel no Contexto da Internet das Coisas

  • Nelson Gonçalves Prates Junior Univesity of Paraná
  • Andressa Vergutz UFPR - Universidade Federal do Paraná
  • Ricardo Tombesi Macedo Universidade Federal de Santa Maria
  • Michele Nogueira Universidade Federal do Paraná

Resumo


The Internet of Things (IoT) emerged because of the technologicalevolution of wireless sensor networks, which enabled these sensors to integrate with common objects. These objects are equipped with sensors and actuatorscollect data from users and the environment, process them, and transform theminto useful information. By allowing the transmission of restricted / personaldata, communication traffic between devices becomes an interesting target forattackers who either access or manipulate them. However, even with cryptographic data, side-channel attacks exploit the characteristics of devices forthe purpose of acquiring information that may compromise the security of thenetwork structure. This work presents a way of characterizing the identical IoT dispositives by only exploring the time information. It carried the activitiesout such as structuring an experimental scenario, collecting traffic, extractingstatistical characteristics and finally identifying the dispositives. The results show we can identify even identical devices with up to 100% of accuracy.

Palavras-chave: Internet das Coisas, Redes sem Fio, Segurança, Ataques de Canal Lateral

Referências

Apthorpe, N., Reisman, D., Sundaresan, S., Narayanan, A., and Feamster, N. (2017). Spying on the smart home: Privacy attacks and defenses on encrypted IoT traffic. arXiv:1708.05044.

Chen, S., Wang, R., Wang, X., and Zhang, K. (2010). Side-channel leaks in web applications: A reality today, a challenge tomorrow. In IEEE Symposium on Security and Privacy, pages 191-206. IEEE.

Conti, M., Li, Q. Q., Maragno, A., and Spolaor, R. (2018). The dark side (-channel) of mobile devices: A survey on network traffic analysis. IEEE Commun. Surveys & Tuts., 20(4):2658-2713.

Feghhi, S. and Leith, D. J. (2016). A web traffic analysis attack using only timing information. IEEE Trans. Inf. Forensics Security, 11(8):1747-1759.

Malik, N., Chandramouli, J., Suresh, P., Fairbanks, K., Watkins, L., and Robinson, W. H. (2017). Using network traffic to verify mobile device forensic artifacts. In 2017 14th IEEE Annual Consum. Commun. & Netw. Conference (CCNC), pages 114-119. IEEE.

Montenegro, G., Kushalnagar, N., Hui, J., and Culler, D. (2007a). Transmission of ipv6 packets over ieee 802.15. 4 networks. Technical report, IETF.

Montenegro, G., Schumacher, C., and Kushalnagar, N. (2007b). IPv6 over Low-Power Wire-less Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals. Technical Report 4919, IETF.

Pacheco, F., Exposito, E., Gineste, M., Baudoin, C., and Aguilar, J. (2018). Towards the deploy-ment of machine learning solutions in network traffic classification: A systematic survey. IEEE Commun. Surveys & Tuts,.

Prates, N., Pelloso, M., Macedo, R., and Nogueira, M. (2018). Ameaças de segurança, defesas e análise de dados em iot baseada em sdn. In Minicursos SBSeg 2018, chapter 1, pages 1-50. SBC.

Rescorla, E. and Modadugu, N. (2012). Datagram Transport Layer Security Version 1.2. Technical Report 6347, IETF.

Saltaformaggio, B., Choi, H., Johnson, K., Kwon, Y., Zhang, Q., Zhang, X., Xu, D., and Qian, J. (2016). Eavesdropping on fine-grained user activities within smartphone apps over encrypted network traffic. In USENIX Workshop on Offensive Technologies).

Sayakkara, A., Le-Khac, N.-A., and Scanlon, M. (2019). A survey of electromagnetic side-channel attacks and discussion on their case-progressing potential for digital forensics. Digital Investi-gation.

Selis, V. and Marshall, A. (2017). A fake timing attack against behavioural tests used in embedded iot m2m communications. In Cyber Security in Netw. Conference, pages 1-6. IEEE.

Shelby, Z., Hartke, K., and Bormann, C. (2014). The Constrained Application Protocol (CoAP). Technical Report 7252, IETF.

Sivanathan, A., Gharakheili, H. H., Loi, F., Radford, A., Wijenayake, C., Vishwanath, A., and Sivaraman, V. (2018). Classifying iot devices in smart environments using network traffic characteristics. IEEE Trans. on Mobile Comput.

Srinivasan, V., Stankovic, J., and Whitehouse, K. (2008). Protecting your daily in-home activity information from a wireless snooping attack. In Proceedings of the 10th international confe-rence on Ubiquitous computing, pages 202-211. ACM.

Taylor, V. F., Spolaor, R., Conti, M., and Martinovic, I. (2018). Robust smartphone app identi-fication via encrypted network traffic analysis. IEEE Trans. on Informat. Forensics Security, 13(1):63-78.

Thubert, P., Bormann, C., Toutain, L., and Cragie, R. (2017). Ipv6 over low-power wireless personal area network (6lowpan) routing header. Technical report, IETF.

Vergütz, A., da Silva, R., Nacif, J. A. M., Vieira, A. B., and Nogueira, M. (2017). Mapping critical illness early signs to priority alert transmission on wireless networks. In IEEE Latin-American Conference on Commun., pages 1-6. IEEE.

Veysset, F., Courtay, O., Heen, O., Team, I., et al. (2002). New tool and technique for remote operating system fingerprinting. Intranode Software Technologies, 4.

Yan, Y., Oswald, E., and Tryfonas, T. (2017). Exploring potential 6LoWPAN traffic side channels. IACR Cryptology ePrint Archive, 2017:316.
Publicado
23/09/2019
PRATES JUNIOR, Nelson Gonçalves; VERGUTZ, Andressa ; TOMBESI MACEDO, Ricardo ; NOGUEIRA, Michele . Análise de Vazamentos Temporais Side-Channel no Contexto da Internet das Coisas. In: WORKSHOP DE GERÊNCIA E OPERAÇÃO DE REDES E SERVIÇOS (WGRS), 24. , 2019, Gramado. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2019 . p. 154-167. ISSN 2595-2722. DOI: https://doi.org/10.5753/wgrs.2019.7690.