LOIS: Low-cost Packet Header Protection for IoT Devices

Abstract

The widely deployed IoT devices in various applications, such as smart homes and smart factories, pose new privacy concerns. IoT devices typically capture users’ activities or collect information from their surroundings and then send the information to remote cloud servers, exposing private information to passive adversaries by looking at the packet headers. Thus, in an enhanced IoT security protocol, protecting privacy also requires hiding packet headers and other traffic metadata. This work presents the LOIS framework, a packet-level packet header protector based on efficient one-time keystreams. LOIS allows IoT devices to efficiently hide the IP and port information in packet headers while allowing the cloud to recover the original packet headers. Besides, LOIS can easily integrate with existing IoT traffic padding algorithms to hide traffic patterns. We implement LOIS on commodity servers running in a public cloud. Our experimental results show that LOIS only introduces moderate overhead. For example, results show that LOIS only incurs about 250–365 ns end-to-end latency on average for the upload traffic, which is 80%–90% less than that of IPsec.