Noah Apthorpe will present his general exam on Friday, May 12, 2017 in CS 301 at 3:30pm.

The members of his committee are: Nick Feamster, Jennifer Rexford, and Ed Felten.

Everyone is invited to attend his talk, and those faculty wishing to remain for the oral exam following are welcome to do so. His abstract and reading list follow below.

Privacy risks of smart home Internet-of-things traffic analysis and low-cost solutions

The growing market for smart home IoT devices promises new conveniences for consumers while presenting novel challenges for preserving privacy within the home. Many smart home devices have always-on sensors that capture users’ offline activities in their living spaces and transmit information about these activities on the Internet. The recent reversal of the FCC broadband privacy rules will allow Internet Service Providers (ISPs) to continue collecting, and potentially selling, consumer data obtained by network traffic analysis.

Here, we demonstrate that an ISP can infer privacy sensitive in-home activities using IPFIX (NetFlow) records or packet captures from smart homes containing commercially-available IoT devices even when the devices use SSL encryption.

We show that well-studied traffic shaping techniques for preventing traffic correlation attacks on anonymity networks are also effective at preventing activity inference from smart home traffic. However, these traffic shaping techniques trade off latency and cover traffic bandwidth, which can result in unacceptable device performance or expensive pay-per-use Internet access fees. This tradeoff is required because these techniques assume an adversary with packet captures that include all packet sizes, send times, and inter-packet intervals. In reality, ISPs predominantly collect IPFIX or NetFlow records from routers and switches rather than packet captures.

We propose and evaluate a technique for preventing smart home activity inference from sampled or unsampled NetFlow records that does not affect network latency or device performance and requires minimal bandwidth overhead. This technique complements increased interest in virtual private networks (VPNs) since the reversal of the FCC broadband privacy rules and is deployable on smart home devices, third-party IoT hubs, or gateway routers.

Note: This work is a continuation of the workshop paper "A Smart Home is No Castle: Privacy Vulnerabilities of Encrypted IoT Traffic" by Apthorpe, et al.

Textbook

Computer Networks (5th Edition) by Peterson & Davie

Papers

Shmatikov, Vitaly, and Ming-Hsiu Wang. "Timing analysis in low-latency mix networks: Attacks and defenses." In European Symposium on Research in Computer Security, pp. 18-33. Springer Berlin Heidelberg, 2006.

Fu, Xinwen, Bryan Graham, Riccardo Bettati, Wei Zhao, and Dong Xuan. "Analytical and empirical analysis of countermeasures to traffic analysis attacks." In Parallel Processing, 2003. Proceedings. 2003 International Conference on, pp. 483-492. IEEE, 2003.

Wang, Wei, Mehul Motani, and Vikram Srinivasan. "Dependent link padding algorithms for low latency anonymity systems." In Proceedings of the 15th ACM conference on Computer and communications security, pp. 323-332. ACM, 2008.

Dyer, Kevin P., Scott E. Coull, Thomas Ristenpart, and Thomas Shrimpton. "Peek-a-boo, I still see you: Why efficient traffic analysis countermeasures fail." In Security and Privacy (SP), 2012 IEEE Symposium on, pp. 332-346. IEEE, 2012.

Srinivasan, Vijay, John Stankovic, and Kamin Whitehouse. "Protecting your daily in-home activity information from a wireless snooping attack." In Proceedings of the 10th international conference on Ubiquitous computing, pp. 202-211. ACM, 2008.

Back, Adam, Ulf Möller, and Anton Stiglic. "Traffic analysis attacks and trade-offs in anonymity providing systems." In International Workshop on Information Hiding, pp. 245-257. Springer Berlin Heidelberg, 2001.

Verde, Nino Vincenzo, Giuseppe Ateniese, Emanuele Gabrielli, Luigi Vincenzo Mancini, and Angelo Spognardi. "No NAT'd user left behind: Fingerprinting users behind nat from Netflow records alone." In Distributed Computing Systems (ICDCS), 2014 IEEE 34th International Conference on, pp. 218-227. IEEE, 2014.

Bellovin, Steven M. "A technique for counting NATted hosts." In Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment, pp. 267-272. ACM, 2002.

Kohno, Tadayoshi, Andre Broido, and Kimberly C. Claffy. "Remote physical device fingerprinting." IEEE Transactions on Dependable and Secure Computing 2, no. 2 (2005): 93-108.

Rieke, Aaron, David Robinson, and Harlan Yu. "What ISPs can see." Upturn. 2016.

Nissenbaum, Helen. "Privacy as contextual integrity." Wash. L. Rev. 79 (2004): 119.