The Internet of Things (IoT) and its application in Home automation systems (HAS) are expected to offer a plethora of novel services that adapt dynamically to a context, automate decisions and provide better situation awareness. In homes they are seen as facilitators for reducing energy consumption as well as increasing comfort and security. IoT-based HAS will be a widespread and important future field of digitalization directly influencing the most private parts of the lives of people.
Yet, in order to fulfill these tasks such systems have to be deeply engrained in our everyday lives and therefore will also gain much attraction for attackers that might use the capabilities to remote control and manage many parts of homes to spy on potential targets, to stalk inhabitants as well as facilitate criminal activities like burglaries, identity theft or blackmail.
The ARES proposal intends to investigate the attack resilience and security measures for sensor data based on meta-information, i.e., information that is different from the primary sensor measurement such as jitter of the supply voltage or the circuit core temperature, which shows characteristic changes during attacks on the sensor value. The outputs of the project will provide:
• A methodology of using meta information as input to security measures and specifically protecting sensor data by imposing this meta-information directly on the analog sensor circuit thus closing the gap between data acquisition and digital protection.
• A holistic security analysis and intrusion detection by merging meta-information. This includes an evidence-based consumer survey to identify the most common cyber risks and security needs for IoT devices in Austria’s private households.
• An experimental evaluation and a technology assessment of meta-information based security
• Guidelines for future secure design and use of such systems
In opposite to classical IT security and industrial applications of IoT, HAS systems are characterized by unplanned installation, drop & forget usage, extremely resource-limited devices due to the high cost pressure and in particular untrained users having little know-how in installing and operating the system.
To achieve the above goals and outputs the project pursues an multidisciplinary approach combining sensor-(network)-knowhow, IT security expertise and expertise in social sciences. Only through this combination of research fields security measures can be designed having both higher technical attack resilience and are applicable and accepted by users.
Details
| Duration | 01/11/2019 - 28/02/2023 |
|---|---|
| Funding | Bundesländer (inkl. deren Stiftungen und Einrichtungen) |
| Program |
|
| Departments |
Department for Integrated Sensor Systems Center for Distributed Systems and Sensor Networks |
| Principle investigator for the project (University for Continuing Education Krems) | Priv.-Doz.Dipl.-Ing.Dr. Thilo Sauter |
| Project members | Mag. Dr. Edith Huber Bettina Pospisil, BA MA Priv.-Doz.Dipl.-Ing.Dr. Thilo Sauter Assistenz Prof. Mag. Dr. Walter Seböck, MAS MSc Dipl.-Ing. Albert Treytl |
Publications
Kondapuram, A. R.; Treytl, A.; Ruotsalainen, H.; Sauter, T. (2023). Metadata Enhanced Security Watermarks for Sensor Data Protection. In: IEEE, proceedings in 2023 IEEE Applied Sensing Conference (APSCON): 1-3, IEEE, Indien
Pospisil, B.; Sauter, T.; Treytl, A.; Huber, E.; Seböck, W. (2022). Totally Unnecessary" or "Simply Convenient" – About Users and Non-Users of Voice Assistants. In: IEEE, Proceedings in 2022 15th International Conference on Human System Interaction (HSI): 1-7, IEEE, Melbourne
Pospisil, B.; Sauter, T.; Treytl, A.; Huber, E.; Seböck, W. (2022). Cyber Security at Home - What Really Matters to People. In: IEEE International Symposium on Industrial Electronics (ISIE), 2022 IEEE 31st International Symposium on Industrial Electronics (ISIE), 2022: 1208 - 1213, IEEE, Anchorage
Treytl, A.; Kondapuram, A. R.; Sauter, T.; Ruotsalainen, H. (2022). Comprehensive Analysis of Supply Voltage Watermarking for Protection of Sensor Systems. In: IEEE, Proceedings in 2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA): 1-8, IEEE, Stuttgart
Vogl, L.; Sauter, T.; Treytl, A.; Bigler, T. (2022). Work in Progress: Side-Channel Watermarking for LoRaWAN Using Robust Inter-Packet Timing: An experimental approach. In: IEEE, Proceedings in 2022 IEEE 18th International Conference on Factory Communication Systems (WFCS): 1-4, IEEE, Pavia
Ruotsalainen, H.; Treytl, A.; Sauter, T. (2021). Watermarking Based Sensor Attack Detection in Home Automation Systems. In: IEEE, Proceedings in 26th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA ), 2021: 1-8, IEEE, Vasteras, Schweden
Lectures
Watermarking for Protection of Sensor Systems
Conference on Emerging Technologies and Factory Automation, 08/09/2022
Cyber Security at Home – What Really Matters to People
ISIE 2022, 03/06/2022
Sicherheitsaspekte von HAS: Risiken für österreichische Haushalte
IT-SecX, 01/10/2021
AUSTRIAN CYBERCRIME VICTIMS - UNREGISTERED CYBERCRIME CASES IN AUSTRIA
EuroCrim 2021, 08/09/2021
Security of Home Automation Systems – a status quo analysis for Austrian households
In-Depth Security Conference Europe 2020, 20/11/2020
Team
Projektpartner
FH St. Pölten