Smart home electronic devices invisibly collect, process, and exchange information with each other and with remote services, often without a home occupant's knowledge or consent. These devices may be mobile or fixed and may have wireless or wired network connections. Detecting and identifying all devices present in a home is a necessary first step to control the flow of data, but there exists no universal mechanism to detect and identify all electronic devices in a space. In this paper we present ICED (Identification and Classification of Electronic Devices), a system that can (i) identify devices from a known set of devices, and (ii) detect the presence of previously unseen devices. ICED, based on harmonic radar technology, collects measurements at the first harmonic of the radar's transmit frequency. We find that the harmonic response contains enough information to infer the type of device. It works when the device has no wireless network interface, is powered off, or attempts to evade detection. We evaluate performance on a collection of 17 devices and find that by transmitting a range of frequencies we correctly identify known devices with 97.6% accuracy and identify previously unseen devices as ‘unknown’ with 69.0% balanced accuracy.
By Your Command: Extracting the User Actions that Create Network Flows in Android
Given the complexity of modern systems, it can be difficult for device defenders to pinpoint the user action that precipitates a network connection. Mobile devices, such as smartphones, further complicate analysis since they may have diverse and ephemeral network connectivity and support users in both personal and professional capacities. There are multiple stakeholders associated with mobile devices, such as the end-user, device owner, and each organization whose assets are accessed via the device; however, none may be able to fully manage, troubleshoot, or defend the device on their own. In this work, we explore a set of techniques to determine the root cause of each new network flow, such as the button press or gesture for user-initiated flows, associated with a mobile device. We fuse the User Interface (UI) context with network flow data to enhance network profiling on the Android operating system. In doing so, we find that we can improve network profiling by clearly linking user actions with network behavior. When exploring effectiveness, the system enables allow-lists to reach over 99% accuracy, even when user-specified destinations are used.
- Award ID(s): 1651540
- PAR ID: 10431053
- Date Published:
- Journal Name: International Conference on the Network of the Future
- ISSN: 2833-0072
- Format(s): Medium: X
- Sponsoring Org: National Science Foundation
More Like this
-
When consumers install Internet-connected "smart devices" in their homes, metadata arising from the communications between these devices and their cloud-based service providers enables adversaries privy to this traffic to profile users, even when adequate encryption is used. Internet service providers (ISPs) are one potential adversary privy to users’ incoming and outgoing Internet traffic and either currently use this insight to assemble and sell consumer advertising profiles or may in the future do so. With existing defenses against such profiling falling short of meeting user preferences and abilities, there is a need for a novel solution that empowers consumers to defend themselves against profiling by ISP-like actors and that is more in tune with their wishes. In this thesis, we present The Onion Router for Smart Homes (TorSH), a network of smart-home routers working collaboratively to defend smart-device traffic from analysis by ISP-like adversaries. We demonstrate that TorSH succeeds in deterring such profiling while preserving smart-device experiences and without encumbering latency-sensitive, non-smart-device experiences like web browsing.
-
Mobile tracking has long been a privacy problem, where the geographic data and timestamps gathered by mobile network operators (MNOs) are used to track the locations and movements of mobile subscribers. Additionally, selling the geolocation information of subscribers has become a lucrative business. Many mobile carriers have violated user privacy agreements by selling users’ location history to third parties without user consent, exacerbating privacy issues related to mobile tracking and profiling. This paper presents AAKA, an anonymous authentication and key agreement scheme designed to protect against mobile tracking by honest-but-curious MNOs. AAKA leverages anonymous credentials and introduces a novel mobile authentication protocol that allows legitimate subscribers to access the network anonymously, without revealing their unique (real) IDs. It ensures the integrity of user credentials, preventing forgery, and ensures that connections made by the same user at different times cannot be linked. While the MNO alone cannot identify or profile a user, AAKA enables identification of a user under legal intervention, such as when the MNOs collaborate with an authorized law enforcement agency. Our design is compatible with the latest cellular architecture and SIM standardized by 3GPP, meeting 3GPP’s fundamental security requirements for User Equipment (UE) authentication and key agreement processes. A comprehensive security analysis demonstrates the scheme’s effectiveness. The evaluation shows that the scheme is practical, with a credential presentation generation taking ∼52 ms on a constrained host device equipped with a standard cellular SIM.
-
Cache-Version Selection and Content Placement for Adaptive Video Streaming in Wireless Edge Networks
Wireless edge networks are promising to provide better video streaming services to mobile users by provisioning computing and storage resources at the edge of the wireless network. However, due to the diversity of user interests, user devices, video versions or resolutions, cache sizes, network conditions, etc., it is challenging to decide where to place the video contents, and which cache and video version a mobile user device should select. In this paper, we study the joint optimization of cache-version selection and content placement for adaptive video streaming in wireless edge networks. We propose practical distributed algorithms that operate at each user device and each network cache to maximize the overall network utility. In addition to proving the optimality of our algorithms, we implement our algorithms as well as several baseline algorithms on ndnSIM, an ns-3 based Named Data Networking simulator. Simulation evaluations demonstrate that our algorithms significantly outperform conventional heuristic solutions.
-
Modern mobile users commonly use multiple heterogeneous mobile devices, including smartphones, tablets, and wearables. Enabling these devices to seamlessly share their computational, network, and sensing resources has great potential benefit. Sharing resources across collocated mobile devices creates mobile device clouds (MDCs), commonly used to optimize application performance and to enable novel applications. However, enabling heterogeneous mobile devices to share their resources presents a number of difficulties, including the need to coordinate and steer the execution of devices with dissimilar network interfaces, application programming models, and system architectures. In this paper, we describe a solution that systematically empowers heterogeneous mobile devices to seamlessly, reliably, and efficiently share their resources. We present a programming model and runtime support for heterogeneous mobile device-to-device resource sharing. Our solution comprises a declarative domain-specific language for device-to-device cooperation, supported by a powerful runtime infrastructure. We evaluated our solution by conducting a controlled user study and running performance/energy efficiency benchmarks. The evaluation results indicate that our solution can become a practical tool for enhancing the capabilities of modern mobile applications by leveraging the resources of nearby mobile devices.