Accurately Identify and Localize Commodity Devices from Encrypted Smart Home Traffic

Abstract

Nowadays, Internet of Things (IoT) based smart home system is equipped with a large number of smart devices, such as smart speakers and cameras, which can greatly facilitate users to control and automate their home environment. However, recent studies have shown that smart home system is at great risk of privacy leakage. Especially, external attackers can infer user privacy information by passively sniffing encrypted smart home network traffic. Traditional methods mainly focus on sniffing WiFi devices but pay less attention to other commodity devices such as Zigbee and Bluetooth (BLE). In this paper, we focus on inferring fine-grained sensitive details about users using diverse commodity devices. We apply deep learning techniques to infer users' behaviors through identifying and localizing smart home devices being used due to the excellent performance of deep learning in many fields. Specifically, we first pre-process encrypted device traffic, select valid features, and use Convolutional Neural Networks (CNN) for device identification. In addition, we extract the Received Signal Strength Indicator (RSSI) from the frame information of traffic packets and employ Sparse Autoencoder (SAE) to extract stable and distinguishable high-dimensional features for RSSI measurement. Features are fed into a Multilayer Perceptron (MLP) to predict the device's localization. In this way, we can infer human activity by identifying and localizing the devices being used. Extensive experiment results show that our work can achieve a mean position estimation error of 1.34m even in an unseen environment, outperforming other common- used localization algorithms based on RSSI fingerprints.