by Frederik Möllers
Abstract:
Home Automation Systems (HASs) are becoming increasingly popular in newly built as well as existing properties. While offering increased living comfort, resource saving features and other commodities, most current commercial systems do not protect sufficiently against passive attacks. In this thesis we investigate privacy aspects of Home Automation Systems. We analyse the threats of eavesdropping and traffic analysis attacks, demonstrating the risks of virtually undetectable privacy violations. By taking aspects of criminal and data protection law into account, we give an interdisciplinary overview of privacy risks and challenges in the context of HASs. We present the first framework to formally model privacy guarantees of Home Automation Systems and apply it to two different dummy traffic generation schemes. In a qualitative and quantitative study of these two algorithms, we show how provable privacy protection can be achieved and how privacy and energy efficiency are interdependent. This allows manufacturers to design and build secure Home Automation Systems which protect the users' privacy and which can be arbitrarily tuned to strike a compromise between privacy protection and energy efficiency.
Reference:
Frederik Möllers: On privacy in home automation systems, PhD thesis, Universität des Saarlandes, 2021.
Bibtex Entry:
@PhDThesis{ 2021moellers,
address = {Saarbrücken},
author = {Frederik M{\"o}llers},
title = {On privacy in home automation systems},
school = {Universität des Saarlandes},
year = {2021},
type = {{Dissertation}},
abstract = {Home Automation Systems (HASs) are becoming increasingly
popular in newly built as well as existing properties.
While offering increased living comfort, resource saving
features and other commodities, most current commercial
systems do not protect sufficiently against passive
attacks. In this thesis we investigate privacy aspects of
Home Automation Systems. We analyse the threats of
eavesdropping and traffic analysis attacks, demonstrating
the risks of virtually undetectable privacy violations. By
taking aspects of criminal and data protection law into
account, we give an interdisciplinary overview of privacy
risks and challenges in the context of HASs. We present the
first framework to formally model privacy guarantees of
Home Automation Systems and apply it to two different dummy
traffic generation schemes. In a qualitative and
quantitative study of these two algorithms, we show how
provable privacy protection can be achieved and how privacy
and energy efficiency are interdependent. This allows
manufacturers to design and build secure Home Automation
Systems which protect the users' privacy and which can be
arbitrarily tuned to strike a compromise between privacy
protection and energy efficiency.},
url = {https://publikationen.sulb.uni-saarland.de/bitstream/20.500.11880/31743/1/2021-08-09.pdf}
}