Because of a side channel attack known as the FATS (Fingerprint and Timing-Based Snooping) attack a snooper could detect, with undeniable accuracy, the private actions occurring in a home, residential environment, or assisted living community. All a snooper would need are the timestamp and the wireless fingerprint from a wireless sensor. This information is available even on a sensor that is encrypted. The multi-tier nature of this attack can lead to predictions about the number of people in a home and, ultimately, the length of time cooking or showering. Luckily, there are ways to protect against this gross invasion of privacy.
In Tier 0 of the attack the snooper only has access to the timestamps, and as a result only general activities such as occupancy or sleeping can be detected. Tier I is the stage in which the adversary has access to the fingerprints and can get more specific in their detection. By using sensors from various rooms, the snoop can find out how many occupants the home has. Starting in Tier III the adversary can begin to detect how many times each resident visits the bathroom or the kitchen. It can even be focused to recognize differences in actions like cooking different types of food, showering or grooming. By testing the technology on houses of various layouts and numbers of occupants, the researches can be confident in the accuracy of the tests. While the accuracy of the predictions for multiple occupant homes declines, it is still well above the statistics of random guessing. By believing that encryption was all that was necessary to protect the privacy of homes, systems have been left open to attacks of this sort. Luckily, there are ways to protect systems from a FATS attack.
There are various guidelines that can help to enhance privacy in wireless sensor systems such as these. First, signal attenuators can be placed in rooms to mask the activity in these rooms. Next, random delay in transmissions, especially in places like the bathroom where there are short visits, can mask these actions. In rooms where durations of stay are longer, however, periodic transmission of signals can keep activities more secret. The fourth way of protecting is fingerprint masking. This is a system that should be used in areas where the other guidelines are implausible or unacceptable because of the types of sensors. The final guideline is spurious or fake transmissions. These should be combined with real transmissions in sensors that can afford the high-energy cost from the transmissions. In reality, however, the best protection would be a combination of these guidelines.
There is no way to say what a person should do if they are victim of such an attack. While the loss of privacy from such a snooper would be uncomfortable and even costly for a company, there is no way to truly recover information that might have been lost in such a situation. I believe that the way to proceed after a FATS attack would be to employ the guidelines for protection from above and hope that such an attack does not happen in the future.
Posts
This is definitely an interesting twist on an attack against some mature technology. Does anyone have any thoughts on the types of things one might be able to detect with this sort of attack and the privacy implications?
ReplyDelete