Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Wireless home automation systems reveal more than you would think about user behaviour

24.07.2014

Home automation systems that control domestic lighting, heating, window blinds or door locks offer opportunities for third parties to intrude on the privacy of the inhabitants and gain considerable insight into their behavioural patterns.

This is the conclusion reached by IT security expert Christoph Sorge and his research team at Saarland University. Even data transmitted from encrypted systems can provide information useful to potential burglars. Professor Sorge, who holds the juris Professorship in Legal Informatics at Saarland University, and his research group are currently studying ways to make home automation systems more secure.

Frederik Möllers from Sorge’s team will be presenting the results at the ACM Conference on Security and Privacy in Wireless and Mobile Networks in Oxford on 25 July.

Regulating heating systems to save energy, adjusting lighting levels based on the time of day, watering house plants automatically, and raising or lowering blinds at the required times – the benefits of today’s smart home automation systems are numerous and they are becoming increasingly popular with homeowners.

However, studies by the research group led by Professor Christoph Sorge have shown that these wireless systems can also pose a security risk. ‘Many of the systems do not provide adequate security against unwanted third-party access and therefore threaten the privacy of the inhabitants,’ says Sorge, an expert for IT security, data protection and encryption technology at Saarland University. Sorge and his team have examined how susceptible the systems are to attack.

For the purposes of their study, the researchers took on the role of a malicious attacker. ‘Using a simple mini-PC no bigger in size than a packet of cigarettes we eavesdropped on the wireless home automation systems (HASs) of two volunteers and were thus able to determine just how much information a conventional wireless HAS reveals about its user,’ explains Sorge.

No other information about the users was available to the research group. The result: ‘Non-encrypted systems provide large quantities of data to anyone determined enough to access the data, and the attacker requires no prior knowledge about the system, nor about the user being spied on,’ says Professor Sorge.

‘The data acquired by the attacker can be analysed to extract system commands and status messages, items which reveal a lot about the inhabitants’ behaviour and habits. We were able to determine absence times and to identify home ventilation and heating patterns,’ explains the expert in legal informatics.

The analysis enabled the research group to build up profiles of the inhabitants. Even systems that use encryption technology can supply information to third parties: ‘The results indicate that even when encrypted communication is used, the number of messages exchanged is enough to provide information on absence times,’ says Sorge. Potential attacks can be directed against the functionality of the system or the privacy of the inhabitants. ‘An attacker with malicious intent could use this sort of information to plan a burglary,’ says Sorge.

‘A great deal still needs to be done to make wireless home automation systems secure. Improved data encryption and concealment technologies would be an important step towards protecting the privacy of HAS users,’ explains Professor Sorge. He and his group are currently working on developing technology of this type in collaboration with the University of Paderborn as part of a research project funded by the Federal Ministry of Economics and Energy.

The research work into home automation systems began with a Master’s degree thesis by Andreas Hellmann, who was supervised by Professor Sorge while still at the University of Paderborn. With his research group now based at Saarland University, Professor Sorge is currently continuing research in this area with his research assistant Frederik Möllers, who will be presenting the results of their recent study in Oxford on 25 July.

Background: Christoph Sorge is an expert for IT security, data privacy, secure communications, encryption technologies, electronic signatures, and the use of IT systems in the legal sector. He holds a professorship endowed by juris GmbH at the Institute for Legal Informatics at Saarland University where he and his team teach and conduct research work at the interface of technology and law. Prior to taking up his position in Saarbrücken, Sorge held a Junior Professorship in Network Security at the University of Paderborn.

Contact: Professor Christoph Sorge:
Phone: +49 (0)681 302-5122 (Office: -5120), E-mail: christoph.sorge@uni-saarland.de

German Version of the press release: https://www.idw-online.de/de/news597128

A press photograph is available at http://www.uni-saarland.de/pressefotos and can be used at no charge. Please read and comply with the conditions of use.

Note for radio journalists: Studio-quality telephone interviews can be conducted with researchers at Saarland University using broadcast audio IP codec technology (IP direct dial or via the ARD node 106813020001). Interview requests should be addressed to the university’s Press and Public Relations Office (+49 (0)681 302-2601 or -64091).

Claudia Ehrlich | Universität des Saarlandes

Further reports about: Security Wireless conventional heating privacy technologies

More articles from Information Technology:

nachricht Quantum teleportation on a chip
01.04.2015 | University of Bristol

nachricht New RFID transponder with large memory and a mobile handheld reader
31.03.2015 | Siemens AG

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Lizard activity levels can help scientists predict environmental change

Research study provides new tools to assess warming temperatures

Spring is here and ectotherms, or animals dependent on external sources to raise their body temperature, are becoming more active. Recent studies have shown...

Im Focus: Hannover Messe 2015: Saving energy with smart façades

Glass-fronted office buildings are some of the biggest energy consumers, and regulating their temperature is a big job. Now a façade element developed by Fraunhofer researchers and designers for glass fronts is to reduce energy consumption by harnessing solar thermal energy. A demonstrator version will be on display at Hannover Messe.

In Germany, buildings account for almost 40 percent of all energy usage. Heating, cooling and ventilating homes, offices and public spaces is expensive – and...

Im Focus: Nonoxide ceramics open up new perspectives for the chemical and plant engineering

Outstanding chemical, thermal and tribological properties predestine silicon carbide for the production of ceramic components of high volume. A novel method now overcomes the procedural and technical limitations of conventional design methods for the production of components with large differences in wall thickness and demanding undercuts.

Extremely hard as diamond, shrinking-free manufacturing, resistance to chemicals, wear and temperatures up to 1300 °C: Silicon carbide (SiSiC) bundles all...

Im Focus: Experiment Provides the Best Look Yet at 'Warm Dense Matter' at Cores of Giant Planets

In an experiment at the Department of Energy's SLAC National Accelerator Laboratory, scientists precisely measured the temperature and structure of aluminum as...

Im Focus: Energy-autonomous and wireless monitoring protects marine gearboxes

The IPH presents a solution at HANNOVER MESSE 2015 to make ship traffic more reliable while decreasing the maintenance costs at the same time. In cooperation with project partners, the research institute from Hannover, Germany, has developed a sensor system which continuously monitors the condition of the marine gearbox, thus preventing breakdowns. Special feature: the monitoring system works wirelessly and energy-autonomously. The required electrical power is generated where it is needed – directly at the sensor.

As well as cars need to be certified regularly (in Germany by the TÜV – Technical Inspection Association), ships need to be inspected – if the powertrain stops...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

World Conference On Regenerative Medicine 2015: Registration And Abstract Submission Now Open

25.03.2015 | Event News

University presidents from all over the world meet in Hamburg

19.03.2015 | Event News

10. CeBiTec Symposium zum Big Data-Problem

17.03.2015 | Event News

 
Latest News

NASA covers Super Typhoon Maysak's rainfall, winds, clouds, eye

01.04.2015 | Earth Sciences

Quantum teleportation on a chip

01.04.2015 | Information Technology

Galaxy Clusters Formed as 'Fireworks'

01.04.2015 | Physics and Astronomy

VideoLinks
B2B-VideoLinks
More VideoLinks >>>