The Internet of Things (IoT) and its application in Home automation systems (HAS) are expected to offer a plethora of novel services that adapt dynamically to a context, automate decisions and provide better situation awareness. In homes they are seen as facilitators for reducing energy consumption as well as increasing comfort and security. IoT-based HAS will be a widespread and important future field of digitalization directly influencing the most private parts of the lives of people.
Yet, in order to fulfill these tasks such systems have to be deeply engrained in our everyday lives and therefore will also gain much attraction for attackers that might use the capabilities to remote control and manage many parts of homes to spy on potential targets, to stalk inhabitants as well as facilitate criminal activities like burglaries, identity theft or blackmail.
The ARES proposal intends to investigate the attack resilience and security measures for sensor data based on meta-information, i.e., information that is different from the primary sensor measurement such as jitter of the supply voltage or the circuit core temperature, which shows characteristic changes during attacks on the sensor value. The outputs of the project will provide:
• A methodology of using meta information as input to security measures and specifically protecting sensor data by imposing this meta-information directly on the analog sensor circuit thus closing the gap between data acquisition and digital protection.
• A holistic security analysis and intrusion detection by merging meta-information. This includes an evidence-based consumer survey to identify the most common cyber risks and security needs for IoT devices in Austria’s private households.
• An experimental evaluation and a technology assessment of meta-information based security
• Guidelines for future secure design and use of such systems
In opposite to classical IT security and industrial applications of IoT, HAS systems are characterized by unplanned installation, drop & forget usage, extremely resource-limited devices due to the high cost pressure and in particular untrained users having little know-how in installing and operating the system.
To achieve the above goals and outputs the project pursues an multidisciplinary approach combining sensor-(network)-knowhow, IT security expertise and expertise in social sciences. Only through this combination of research fields security measures can be designed having both higher technical attack resilience and are applicable and accepted by users.
Details
| Duration | 01/11/2019 - 28/02/2023 |
|---|---|
| Funding | Bundesländer (inkl. deren Stiftungen und Einrichtungen) |
| Program |
|
| Departments |
Department for Integrated Sensor Systems Center for Distributed Systems and Sensor Networks |
| Principle investigator for the project (University for Continuing Education Krems) | Priv.-Doz.Dipl.-Ing.Dr. Thilo Sauter |
| Project members | Mag. Dr. Edith Huber Bettina Pospisil, BA MA Priv.-Doz.Dipl.-Ing.Dr. Thilo Sauter Assoz. Prof. Mag. Dr. Walter Seböck, MAS MSc Dipl.-Ing. Albert Treytl |
Publications
Huber, E.; Treytl, A.; Sauter, T.; Routsalainen, H.; Kieseberg, P.; Seböck W. (2023). Wie Smart Home Geräte zur Eintrittsfalle für Kriminelle werden können. In: Kriminologische Gesellschaft, Kriminalität und Kriminologie im Zeitalter der Digitalisierung: 131-148, Forum Verlag Godesberg, Mönchengladbach
Kondapuram, A. R.; Treytl, A.; Ruotsalainen, H.; Sauter, T. (2023). Metadata Enhanced Security Watermarks for Sensor Data Protection. In: IEEE, proceedings in 2023 IEEE Applied Sensing Conference (APSCON): 1-3, IEEE, Indien
Kondapuram, A. R.; Treytl, A.; Survaiya, S. P.; Sauter, T. (2023). Watermark Based Sensor Data Protection System for Wireless Sensor Network. In: IEEE, proceedings in 2023 IEEE 21st International Conference on Industrial Informatics (INDIN): 1-8, IEEE, Lemgo
Kondapuram, A.R. (2023). Watermark-based detection of invasive attacks on sensor data in Home Automation Systems. Master Thesis, Cham
Pospisil, B.; Sauter, T.; Treytl, A.; Huber, E.; Seböck, W. (2022). Cyber Security at Home - What Really Matters to People. In: IEEE International Symposium on Industrial Electronics (ISIE), 2022 IEEE 31st International Symposium on Industrial Electronics (ISIE), 2022: 1208 - 1213, IEEE, Anchorage
Pospisil, B.; Sauter, T.; Treytl, A.; Huber, E.; Seböck, W. (2022). Totally Unnecessary" or "Simply Convenient" – About Users and Non-Users of Voice Assistants. In: IEEE, Proceedings in 2022 15th International Conference on Human System Interaction (HSI): 1-7, IEEE, Melbourne
Treytl, A.; Kondapuram, A. R.; Sauter, T.; Ruotsalainen, H. (2022). Comprehensive Analysis of Supply Voltage Watermarking for Protection of Sensor Systems. In: IEEE, Proceedings in 2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA): 1-8, IEEE, Stuttgart
Vogl, L.; Sauter, T.; Treytl, A.; Bigler, T. (2022). Work in Progress: Side-Channel Watermarking for LoRaWAN Using Robust Inter-Packet Timing: An experimental approach. In: IEEE, Proceedings in 2022 IEEE 18th International Conference on Factory Communication Systems (WFCS): 1-4, IEEE, Pavia
Huber, E.; Pospisil, B.; Seböck, W.; Kieseberg, P.; Treytl, A. (2021). Smart Home – Nutzung der Geräte in Österreich und Aspekte der Sicherheit und Regulation der Datensammlung. In: Tagungsband des Internationalen Rechtsinformatik Symposions IRIS 2021: 10.38023/f11f6dc3-fe63-4f6c-8943-f5e12bcf0a90, Jusletter IT, online
Ruotsalainen, H.; Treytl, A.; Sauter, T. (2021). Watermarking Based Sensor Attack Detection in Home Automation Systems. In: IEEE, Proceedings in 26th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA ), 2021: 1-8, IEEE, Vasteras, Schweden
Huber, E.; Pospisil, B.; Seböck, W. (2020). Security of Home Automation Systems – a status quo analysis for Austrian households. In: Stefan Schumacher, René Pfeiffer, Indepth Security Vol. III: 173, Magdeburger Institut für Sicherheitsforschung, Magdeburg
Lectures
Watermark Based Sensor Data Protection System for Wireless Sensor Network
2023 IEEE 21st International Conference on Industrial Informatics (INDIN), 18/07/2023
Watermark-based detection of invasive attacks on sensor data in Home Automation Systems." Hardcopy submitted (received by post) 18.01.2023
Presentation Master Thesis, 30/01/2023
Metadata Enhanced Security Watermarks for Sensor Data Protection
2023 IEEE Applied Sensing Conference (APSCON), 23/01/2023
Watermarking for Protection of Sensor Systems
Conference on Emerging Technologies and Factory Automation, 08/09/2022
Cyber Security at Home – What Really Matters to People
ISIE 2022, 03/06/2022
Sicherheitsaspekte von HAS: Risiken für österreichische Haushalte
IT-SecX, 01/10/2021
AUSTRIAN CYBERCRIME VICTIMS - UNREGISTERED CYBERCRIME CASES IN AUSTRIA
EuroCrim 2021, 08/09/2021
Security of Home Automation Systems – a status quo analysis for Austrian households
In-Depth Security Conference Europe 2020, 20/11/2020
Team
Projektpartner
FH St. Pölten