WiFi signals can be used to detect IoT physical attacks!

Researchers at Lancaster University have devised a method where Wi-Fi signals can be used to detect physical attacks on devices connected to internet. Although wireless transmissions can be encrypted to protect transmitted data, it is hard to determine whether a device has been tampered with. Thus, the new algorithm can help those who are concerned about the security factors with Internet of Things (IoT).

It’s a known fact that wireless devices are increasingly being used for critical roles, such as security systems or industrial plant automation. In future with the craze for IoT multiplying to many folds, the said concern will automatically get tripled. For instance, an attacker can simply rotate a security camera’s view away from the area it is guarding without triggering an alert. They can simply install a jammer and block the web access to the network of physical objects, devices, vehicles, buildings and other items which are embedded with electronics, software, sensors, and network connectivity, which enables these objects to collect or exchange data.

This is where the newly created algorithm devices by the researchers of Lancaster University acts as a savior and helps in analyzing Wi-Fi signals at multiple receivers to detect physical attacks. The algorithm detects attacks despite signal noise caused by natural changes to the environment such as people walking through the communication path.

Dr. Utz Roedig, Reader and head researcher in Lancaster University’s School of Computing and Communications and one of the report’s authors, said: “A large number of Internet of Things systems are using WiFi and many of these require a high level of security. This technique gives us a new way to introduce an additional layer of defense into our communication systems. Given that we use these systems around critically important infrastructure this additional protection is vital.” Dr. Utz added that with IoT being used for critical apps, and securing the IoT becoming a major concern, the new algorithm called Channel State Information (CSI) can be used to detect whether a web connected device was tampered or not.

Getting into the technicalities on a further note, the researchers have reported that each 802.11n WiFi frame contains a preamble which allows a receiver to estimate the impact of the wireless channel, the transmitter and the receiver on the signal. The estimation result – the CSI – is used by a receiver to extract the transmitted information.

However, as the CSI depends on the communication environment and the transmitter hardware, it can be used as well for security purposes. If an attacker tampers with a transmitter it will have an effect on the CSI measured at a receiver.

Unfortunately not only tampered events lead to CSI fluctuations; movement of people in the communication environment has an impact too, but not on all communication links between transmitter and the receivers.

The researchers propose to analyze more CSI values of a transmission simultaneously at multiple receivers to improve distinction of tamper and movement events.

Note– A tampered event impacts on all links between transmitter and the receivers.

Hope, this research yields some more encouraging results.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s