Search for: All records

Recently, there has been a growing interest in automatically collecting distributed solar photovoltaic (PV) installation information in smart grid systems, including the quantity and locations of solar PV deployments, as well as their profiling information across a given geospatial region. Most recent approaches are still suffering low detection accuracy due to insufficient sample and principal feature learning when building their models and also separation of rooftop object segmentation and identification during their detection processes. In addition, they cannot report accurate multi-deployment results. To address these problems, we design a new system-SolarDetector⁺, which can automatically and accurately detect and profile distributed solar PV arrays without any extra cost. In essence, SolarDetector⁺first leverages multiple data augmentation techniques, including Cycle-Consistent Adversarial Networks, Latent Diffusion Models, and Generative Adversarial networks, to build a large rooftop satellite imagery dataset (RSID). Then, SolarDetector⁺employs Mask R-convolutional neural networks algorithm to accurately identify rooftop solar PV arrays and learn the detailed installation information for each solar PV array simultaneously. We find that pre-trained SolarDetector⁺yields an average Matthews correlation coefficient of 0.862 to detect solar PV arrays over RSID, which is ∼50% better than the most recent open source detection system—SolarFinder. 

Extensive recent research has shown that it is surprisingly easy to infer Amazon Alexa voice commands over their network traffic data. To prevent these traffic analytics (TA)-based inference attacks, smart home owners are considering deploying virtual private networks (VPNs) to safeguard their smart speakers. In this work, we design a new machine learning-powered attack framework—VoiceAttack that could still accurately fingerprint voice commands on VPN-encrypted voice speaker network traffic. We evaluate VoiceAttack under 5 different real-world settings using Amazon Alexa and Google Home. Our results show that VoiceAttack could correctly infer voice command sentences with a Matthews Correlation Coefficient (MCC) of 0.68 in a closed-world setting and infer voice command categories with an MCC of 0.84 in an open-world setting by eavesdropping VPN-encrypted network traffic data. This presents a significant risk to user privacy and security, as it suggests that external on-path attackers could still potentially intercept and decipher users’ voice commands despite the VPN encryption. We then further examine the sensitivity of voice speaker commands to VoiceAttack. We find that 134 voice speaker commands are highly vulnerable to VoiceAttack. We also present a defense approach—VoiceDefense, which could inject inject appropriate traffic “noise” into voice speaker traffic. And our evaluation results show that VoiceDefense could effectively mitigate VoiceAttack on Amazon Echo and Google Home. 

Internet of Things (IoT) devices have been increasingly deployed in smart homes to automatically monitor and control their environments. Unfortunately, extensive recent research has shown that on-path external adversaries can infer and further fingerprint people’s sensitive private information by analyzing IoT network traffic traces. In addition, most recent approaches that aim to defend against these malicious IoT traffic analytics cannot adequately protect user privacy with reasonable traffic overhead. In particular, these approaches often did not consider practical traffic reshaping limitations, user daily routine permitting, and user privacy protection preference in their design. To address these issues, we design a new low-cost, open source user-centric defense system—PrivacyGuard—that enables people to regain the privacy leakage control of their IoT devices while still permitting sophisticated IoT data analytics that is necessary for smart home automation. In essence, our approach employs intelligent deep convolutional generative adversarial network assisted IoT device traffic signature learning, long short-term memory based artificial traffic signature injection, and partial traffic reshaping to obfuscate private information that can be observed in IoT device traffic traces. We evaluate PrivacyGuard using IoT network traffic traces of 31 IoT devices from five smart homes and buildings. We find that PrivacyGuard can effectively prevent a wide range of state-of-the-art adversarial machine learning and deep learning based user in-home activity inference and fingerprinting attacks and help users achieve the balance between their IoT data utility and privacy preserving.