packet level signatures for
play

Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, - PowerPoint PPT Presentation

Feb 24, 2024 •451 likes •1.92k views

Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina Markopoulou, and Brian Demsky Smart Home 2 Smart Home Smart Plugs 2 Smart Home Smart Plugs Light Bulbs 2 Smart Home Smart Plugs Light Bulbs

  1. Universal Signatures ● Applies to many devices ○ Our corpus: 18 devices 18

  2. Universal Signatures ● Applies to many devices ○ Our corpus: 18 devices 19

  3. Universal Signatures ● Applies to many devices ○ Our corpus: 18 devices ○ Public dataset Mon(IoT)r ■ Extraction for 21 new devices 19

  4. Universal Signatures ● Applies to many devices ○ Our corpus: 18 devices ○ Public dataset Mon(IoT)r ■ Extraction for 21 new devices 19

  5. Universal Signatures ● Applies to many devices ○ Our corpus: 18 devices ○ Public dataset Mon(IoT)r ■ Extraction for 21 new devices ■ Comparison for 5 common devices 19

  6. Universal Signatures ● Three communications ● Two adversaries ○ WAN and Wi-Fi sniffers ● Different triggers ○ Local -Phone 19

  7. Universal Signatures ● Three communications ● Two adversaries ○ WAN and Wi-Fi sniffers ● Different triggers ○ Local -Phone ○ Remote -Phone, and ○ Home Automation 19

  8. Universal Signatures Universal Signatures ● Three communications ● Two adversaries ○ WAN and Wi-Fi sniffers ● Different triggers ○ Local -Phone ○ Remote -Phone, and ○ Home Automation 19

  9. Universal Signatures ● Three communications ● Two adversaries ○ WAN and Wi-Fi sniffers ● Different triggers ○ Local -Phone ○ Remote -Phone, and ○ Home Automation ● Matching with recall > 97% 19

  10. Unique Signatures ● Distinguish ○ Device type ○ Event type: binary and non-binary ○ Same-vendor devices 20

  11. Unique Signatures ● Distinguish ○ Device type ○ Event type: binary and non-binary ○ Same-vendor devices 20

  12. Unique Signatures ● Distinguish ○ Device type ○ Event type: binary and non-binary ○ Same-vendor devices ● Negative control experiment ○ Three public datasets: >440 million packets ■ YourThings, UNSW, UNB ○ FPR: one FP per 40 million packets 20

  13. Packet-Level Signatures ● Can distinguish event types 21

  14. Packet-Level Signatures ● Can distinguish event types ● Minimal set of traffic features 21

  15. Packet-Level Signatures ● Can distinguish event types ● Minimal set of traffic features ● Two adversaries 21

  16. Packet-Level Signatures ● Can distinguish event types ● Minimal set of traffic features ● Two adversaries ● Applicable to many devices 21

  17. Packet-Level Signatures ● Can distinguish event types ● Minimal set of traffic features ● Two adversaries ● Applicable to many devices ● Resilient to traffic shaping & VPN encryption ● Defended against by packet padding 21

  18. Packet-Level Signatures ● Can distinguish event types ● Minimal set of traffic features ● Two adversaries ● Applicable to many devices ● Resilient to traffic shaping & VPN encryption ● Defended against by packet padding ● Profiling and network monitoring 21

  19. Limitations ● Need device to train ● Signatures may vary over time ● Apply to 95% of devices ○ UDP-based ○ Repetitive pairs for an event 22

  20. Outline I. Background and Problem Statement II. Key Observation: Packet-Level Signatures III.The PingPong System IV.Conclusion 23

  21. Conclusions ● Packet-level signatures ○ Request-reply pattern ○ Packet lengths and directions ● Automation: PingPong ○ Extraction and detection ● Signatures are universal and unique 24

  22. Thank You! ● Paper https://www.ndss-symposium.org/ndss- paper/packet-level-signatures-for-smart-home- devices/ ● Software and datasets http://plrg.ics.uci.edu/pingpong/ 25

  23. Additional Slides

  24. Signature Variations ● Signatures with no variation C-556 S-1293 ● Signatures with ranges C-339 S-329 C-[364-365] S-[1061-1070] C-[271-273] S-[499-505] ● Signatures that vary ○ Signature evolution ○ Signatures that vary in certain packets ■ App’s username and password C-556 S-1293 2018 C-592 S-1234 S-100 2019 C-605 S-1213 S-100

Recommend

Scheduling in Wireless Networks With Packet-Level and Flow-Level Dynamics Ramin Khalili Reading

Scheduling in Wireless Networks With Packet-Level and Flow-Level Dynamics Ramin Khalili Reading

Scheduling in Wireless Networks With Packet-Level and Flow-Level Dynamics Ramin Khalili Reading Group: 01.02.2011 1 Outline network model packet-level scheduling flow-level scheduling multi-channel case conclusion 2

328 views • 22 slides
Advances in ad hoc networking: Packet Level Authentication Dmitrij Lagutin, dlagutin@cc.hut.fi

Advances in ad hoc networking: Packet Level Authentication Dmitrij Lagutin, dlagutin@cc.hut.fi

Advances in ad hoc networking: Packet Level Authentication Dmitrij Lagutin, dlagutin@cc.hut.fi T-79.5401 Special Course in Mobility Management: Ad hoc networks, 2.5.2007 Contents Introduction Packet Level Authentication

542 views • 20 slides
Signatures Lecture 22 Signatures Signatures Signatures with various functionality/properties

Signatures Lecture 22 Signatures Signatures Signatures with various functionality/properties

Signatures Lecture 22 Signatures Signatures Signatures with various functionality/properties Signatures Signatures with various functionality/properties Constructions come in different flavors (well sample each flavor): Signatures

1.55k views • 131 slides
Design and Performance of the OpenBSD Stateful Packet Filter (pf) Daniel Hartmeier

Design and Performance of the OpenBSD Stateful Packet Filter (pf) Daniel Hartmeier

Design and Performance of the OpenBSD Stateful Packet Filter (pf) Daniel Hartmeier dhartmei@openbsd.org Systor AG Usenix 2002 p.1/22 Introduction part of a firewall, working on IP packet level (vs. application level proxies or ethernet

455 views • 33 slides
Digital Signatures Digital Signatures And Putting It All Together Digital Signatures And

Digital Signatures Digital Signatures And Putting It All Together Digital Signatures And

Digital Signatures Digital Signatures And Putting It All Together Digital Signatures And Putting It All Together Lecture 12 Digital Signatures Digital Signatures Syntax: KeyGen, Sign SK and Verify VK . Security: Same experiment as MAC s,

1.72k views • 142 slides
Towards High- -performance performance Towards High Flow- -level Packet Processing level

Towards High- -performance performance Towards High Flow- -level Packet Processing level

Towards High- -performance performance Towards High Flow- -level Packet Processing level Packet Processing Flow on Multi- -core Network Processors core Network Processors on Multi Yaxuan Qi (presenter), Bo Xu, Fei He, Baohua Yang,

568 views • 27 slides
Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator developed by Dennis Frezzo and his team at Cisco Systems. Packet Tracer (PT) is a powerful and dynamic tool that displays the various protocols used in

419 views • 17 slides
BPF in-kernel virtual machine 1 BPF is Berkeley Packet Filter low level

BPF in-kernel virtual machine 1 BPF is Berkeley Packet Filter low level

BPF in-kernel virtual machine 1 BPF is Berkeley Packet Filter low level instruction set kernel infrastructure around it interpreter JITs maps helper functions Agenda status and new use cases architecture

680 views • 41 slides
Construction of Universal Designated-Verifier Signatures and Identity-Based Signatures from

Construction of Universal Designated-Verifier Signatures and Identity-Based Signatures from

Motivation Research Question Results Conclusion Notes Construction of Universal Designated-Verifier Signatures and Identity-Based Signatures from Standard Signatures Siamak Shahandashti 1 Rei Safavi-Naini 2 1 SCSSE & CCISR, Uni

465 views • 46 slides
1 Arbitrated Digital Signatures Digital Signature Standard (DSS) US Govt approved signature

1 Arbitrated Digital Signatures Digital Signature Standard (DSS) US Govt approved signature

CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Digital Signatures have looked at message authentication but does not address issues of lack of trust Chapter 13 Digital Signatures digital signatures provide the ability to:

361 views • 3 slides
Packet-Level Analytics in Software without Compromises HotCloud 18, July 9th, 2018, Boston, MA

Packet-Level Analytics in Software without Compromises HotCloud 18, July 9th, 2018, Boston, MA

Packet-Level Analytics in Software without Compromises HotCloud 18, July 9th, 2018, Boston, MA Oliver Michel John Sonchack Eric Keller Jonathan M. Smith Network monitoring is important Security issues Analytics Platform Performance

418 views • 27 slides
Efficient Unlinkable Sanitizable Signatures from Signatures with Re-Randomizable Keys Nils

Efficient Unlinkable Sanitizable Signatures from Signatures with Re-Randomizable Keys Nils

Efficient Unlinkable Sanitizable Signatures from Signatures with Re-Randomizable Keys Nils Fleischhacker Johannes Krupp Giulio Malavolta Jonas Schneider Dominique Schr oder Mark Simkin March 7, 2016 Sanitizable Signatures

577 views • 46 slides
Lecture 12 Digital Signatures from one-way functions Signatures vs. MACs Signatures MAC s

Lecture 12 Digital Signatures from one-way functions Signatures vs. MACs Signatures MAC s

Lecture 12 Digital Signatures from one-way functions Signatures vs. MACs Signatures MAC s users require only secretkeys users require n 2 secretkeys Privately verifiable and non-transferable Same signature

764 views • 53 slides
Three-Level Deep Packet Inspection Jianghai LI, Wen Si, Xiaojin Huang Institute of Nuclear Energy

Three-Level Deep Packet Inspection Jianghai LI, Wen Si, Xiaojin Huang Institute of Nuclear Energy

CPS-SR CPS-IoT Week 2019 April 15 - 18, 2019 Montreal, Canada Intrusion Detection of Networked Cyber-Physical Systems via Three-Level Deep Packet Inspection Jianghai LI, Wen Si, Xiaojin Huang Institute of Nuclear Energy Technology (INET)

611 views • 32 slides
Leptophilic Higgs Leptophilic Higgs Signatures at the LHC Signatures at the LHC (And the

Leptophilic Higgs Leptophilic Higgs Signatures at the LHC Signatures at the LHC (And the

Leptophilic Higgs Leptophilic Higgs Signatures at the LHC Signatures at the LHC (And the Importance of Leptonic Decays for Higgs Discovery) Brooks Thomas (The University of Arizona) Shufang Su & BT [arXiv:0903.0667] What do we know about

375 views • 26 slides
Digital Signatures Dennis Hofheinz (slides based on slides by Bjrn Kaidel) Digital Signatures

Digital Signatures Dennis Hofheinz (slides based on slides by Bjrn Kaidel) Digital Signatures

Digital Signatures Dennis Hofheinz (slides based on slides by Bjrn Kaidel) Digital Signatures 2020-02-25 1 Outline Recap: security experiments Message space extension One-time signatures One-time signatures from one-way functions Digital

1.07k views • 48 slides
Packet Transactions: High-Level Programming for Line-Rate Switches Anirudh Sivaraman, Alvin

Packet Transactions: High-Level Programming for Line-Rate Switches Anirudh Sivaraman, Alvin

Packet Transactions: High-Level Programming for Line-Rate Switches Anirudh Sivaraman, Alvin Cheung, Mihai Budiu, Changhoon Kim, Mohammad Alizadeh, Hari Balakrishnan, George Varghese, Nick McKeown, Steve Licking Programmability at line rate

651 views • 48 slides
Packet Radio Lee Maddox, N4HOK What is Packet Radio? Packet radio is the connection of a computer

Packet Radio Lee Maddox, N4HOK What is Packet Radio? Packet radio is the connection of a computer

03/11/2017 Packet Radio Lee Maddox, N4HOK What is Packet Radio? Packet radio is the connection of a computer to a radio for the transmission of digital data via amateur radio. It is another mode of operation that has a multitude of uses, such as

571 views • 17 slides
How to (passively) measure? Packet Monitoring 1 What to expect? Overview / What is packet

How to (passively) measure? Packet Monitoring 1 What to expect? Overview / What is packet

How to (passively) measure? Packet Monitoring 1 What to expect? Overview / What is packet monitor? How to acquire the data Handling performance bottlenecks Case Study: Packet Capture Performance Analyzing the transport and

487 views • 37 slides
Proving tight security for Rabin-Williams signatures D. J. Bernstein Public-key signatures 1976

Proving tight security for Rabin-Williams signatures D. J. Bernstein Public-key signatures 1976

Proving tight security for Rabin-Williams signatures D. J. Bernstein Public-key signatures 1976 Diffie Hellman: Public-key signatures would allow verification by anyone, not just signer. Cool! Can we build a signature system? 1977 Rivest

743 views • 33 slides
Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs) packets being

485 views • 13 slides
Digital Signatures Dennis Hofheinz (slides based on slides by Bjrn Kaidel) Digital Signatures

Digital Signatures Dennis Hofheinz (slides based on slides by Bjrn Kaidel) Digital Signatures

Digital Signatures Dennis Hofheinz (slides based on slides by Bjrn Kaidel) Digital Signatures 2020-03-03 1 Outline Why assumptions? Efficient one-time signatures Digital Signatures 2020-03-03 2 Recap: Lamport EUF-1-CMA secure

1.14k views • 37 slides
Packet Information IMPORTANT LABEL ON RIGHT HAND SIDE OF PACKET Shoe, Gym 11111 (Student ID #)

Packet Information IMPORTANT LABEL ON RIGHT HAND SIDE OF PACKET Shoe, Gym 11111 (Student ID #)

Curriculum & Activities Night Class of 2020 Packet Information IMPORTANT LABEL ON RIGHT HAND SIDE OF PACKET Shoe, Gym 11111 (Student ID #) Feeder School Name NEON GREEN sticker on front of packet = MISSING EXPLORE Appointment date

99 views • 6 slides
Packet Validation in the Network Environments Yingdi Yu UCLA 1 Packet Authentication How

Packet Validation in the Network Environments Yingdi Yu UCLA 1 Packet Authentication How

Packet Validation in the Network Environments Yingdi Yu UCLA 1 Packet Authentication How to authenticate a data packet containing the electricity usage of a room at certain time? Data is signed, but how to verify the signature?

224 views • 19 slides

More recommend