Mechanical Reveal

Study shows that even IoT encryption cannot hide home behavior from ISP engaging in traffic analysis. The programmed behavior of small devices makes this especially effective. pdf

Poster: A Smart Home is No Castle: Privacy Vulnerabilities of Encrypted IoT Traffic.

A passive network observer can identify smart home IoT devices and infer user behavior with the following three step privacy attack.

Separate traffic into individual device flows.

Identify device generating each flow.

Infer user behaviors from traffic rate changes.

Our results suggest the following approaches to protect smart home IoT devices from traffic rate privacy threats:

Firewalling smart home IoT devices could prevent an adversary from collecting traffic rate data. However, it is difficult to determine which encrypted flows are essential for device function and which can be safely blocked. Generating effective firewall rules or allowing selective blocking of encrypted traffic would require manufacturer support.

Tunneling IoT device traffic through a VPN could prevent an adversary from separating traffic flows from individual devices, provided they do not have access to traffic from the VPN exit point.

Shaping IoT device traffic could prevent accurate behavior inference. For example, devices without time-sensitive dependencies on cloud services could delay network communications, removing direct correlations between traffic rates and user behaviors.

Injecting IoT device traffic that mimics user behaviors could reduce an adversary’s confidence in behavior inferences. This would require a model of typical interaction patterns but could be implemented on a third-party hub in addition to on the protected devices themselves.


See Vague Dread of intentionally abusive things.

See ZigBee Chain Reaction for large scale vunerability.