The Internet traffic data produced by the Internet of Things (IoT) devices are collected by Internet Service Providers (ISPs) and device manufacturers, and often shared with their third parties to maintain and enhance user services. Unfortunately, on-path adversaries could infer and fingerprint users' sensitive privacy information such as occupancy and user activities by analyzing these network traffic traces. While there's a growing body of literature on defending against this side-channel attack-malicious IoT traffic analytics (TA), there's currently no systematic method to compare and evaluate the comprehensiveness of these existing studies. To address this problem, we design a new low-cost, open-source system framework-IoT Traffic Exposure Monitoring Toolkit (ITEMTK) that enables people to comprehensively examine and validate prior attack models and their defending approaches. In particular, we also design a novel image-based attack capable of inferring sensitive user information, even when users employ the most robust preventative measures in their smart homes. Researchers could leverage our new image-based attack to systematize and understand the existing literature on IoT traffic analysis attacks and preventing studies. Our results show that current defending approaches are not sufficient to protect IoT device user privacy. IoT devices are significantly vulnerable to our new image-based user privacy inference attacks, posing a grave threat to IoT device user privacy. We also highlight potential future improvements to enhance the defending approaches. ITEMTK's flexibility allows other researchers for easy expansion by integrating new TA attack models and prevention methods to benchmark their future work.

翻译：物联网设备产生的互联网流量数据由互联网服务提供商和设备制造商收集，并常与第三方共享以维护和增强用户服务。然而，路径上的攻击者可通过分析这些网络流量轨迹，推断并识别用户的敏感隐私信息（如居住状态和用户活动）。尽管现有文献中针对此类侧信道攻击——恶意物联网流量分析（TA）的防御研究日益增多，但目前缺乏系统性的方法来比较和评估这些现有研究的全面性。为解决这一问题，我们设计了一种新型低成本开源系统框架——物联网流量暴露监控工具包（ITEMTK），使研究者能够全面检验和验证先前的攻击模型及其防御方法。特别地，我们还设计了一种基于图像的新型攻击方法，即使用户在智能家居中采用最稳健的预防措施，该方法仍能推断出敏感用户信息。研究人员可利用我们提出的新型图像攻击来系统化地理解现有物联网流量分析攻击及防御研究文献。我们的研究结果表明，当前防御方法不足以保护物联网设备用户的隐私。物联网设备对我们提出的新型基于图像的用户隐私推断攻击表现出显著脆弱性，这对物联网设备用户隐私构成严重威胁。我们还指出了未来增强防御方法的潜在改进方向。ITEMTK的灵活性使其他研究者能够通过集成新的TA攻击模型和防御方法轻松扩展该框架，从而为其未来工作提供基准评估。