Security Analysis Of Network Traffic For Smart Speakers

With the advancement of artificial intelligence and Internet of Things,the smart home industry has begun to flourish.The Internet of Things technology is used to integrate facilities related to home life to provide people with a comfortable and convenient living environment.Although the development of smart home has brought many benefits to people,it also makes users face huge security problems.The diversified smart home ecosystem has caused the inconsistency of hardware standards and communication protocols.Different manufacturers have put forward specific solutions for their smart home devices,but the security of a single device cannot guarantee the security of the system.Due to the deficiencies of the network protocol,network transmission has become the most prone to privacy leakage.In order to solve the above-mentioned issues,this paper investigate the communication security of smart speakers by analyzing the network traffic of smart speakers and carry out from two aspects: network traffic classification and anomaly detection.This paper works as follows:We design a smart speaker network traffic collection scheme,through which a large amount of raw network traffic data is collected.By analyzing the features of the data packets in the network flow data file,we design the network flow feature and extract the feature from network flow to construct the network flow feature dataset.We design a feature selection method combining information gain and Pearson correlation coefficient,and base on this select the optimal feature subset of smart speaker network traffic used by network traffic classification and anomaly detection.We use four machine learning methods: Random Forest,Naive Bayes,Bayes Net,and support vector machine to classify and analyze the full feature dataset and the optimal feature subset,and use accuracy,precision,recall,F-Measure evaluate the classification results.Experiments show that,whether full feature dataset or the optimal subset is used,Random Forest has the best effect in classification result,but the performance of support vector machine is poor.After adopting the feature selection of combining information gain and Pearson correlation coefficient proposed in this paper,the performance of the classifier has been improved,indicating that the feature selection method used in this paper has a good effect on the training of the classifier model.We use the R/S analysis method,the variance time method and the iterative estimation algorithm to estimate the Hurst,and verifies that the flow feature attributes with time series properties have self-similarity,and use these feature attributes to construct anomaly detection model based on the self-similarity.We simulate the ARP attack to verify the effectiveness of the anomaly detection model.The experiment shows that when the network is attacked in abnormal behavior,the Hurst value greatly deviates from the normal Hurst value and exceeds the interval(0.5,1)of self-similarity.At this time,the second-order self-similarity of the network disappears,indicating that there is an abnormality in the network,which proves the effectiveness and feasibility of the network traffic anomaly detection scheme based on the self-similarity.