WiFi signals can be exploited to detect attackers

Internet of ThingsLancaster research reveals that WiFi signals can be used to detect tampering with connected devices such as wireless security cameras

The Internet of Things (IoT) is fast becoming an everyday reality, with about half of enterprises set to deploy IoT solutions by the end of 2016. The emerging field offers many advantages, but harbours many risks as well. Most research is conducted into improving the digital security of such devices, to prevent, and protect from, hacking attempts.

Wireless devices are increasingly used for critical roles, such as security systems or industrial plant automation. Although wireless transmissions can be encrypted to protect transmitted data, it is hard to determine if a device – such as a wirelessly connected security camera protecting critical buildings in airports or power stations – has been tampered with.

But all an attacker needs to bypass it is to simply turn it away from its designated area of focus. Software-based security would be unable to detect this disruption, but the camera would be rendered essentially useless. He may simply rotate a camera’s view away from the area it is guarding without triggering an alert.

Strong encryption can, and should, be implemented on all levels of IoT devices. Safer design practices must be incorporated at the early stages of development, before these systems get too large and unwieldy to secure properly. All this is true, but an often overlooked aspect of IoT security is the physical layer.

Researchers at Lancaster University, in their study ‘Using Channel State Information for Tamper Detection in the Internet of Things’ have created a method that analyses WiFi signals at multiple receivers to detect physical attacks.

They have devised a method of analysing WiFi signals to detect tampering with the devices. The method uses multiple receivers to detect interference with devices that detect changes in the pattern of the wireless signal, known as Channel State Information (CSI).

A change in the pattern of wireless signals – known as Channel State Information (CSI) – picked up by the receivers can indicate a tamper situation. The algorithm detects attacks despite signal noise caused by natural changes to the environment such as people walking through the communication paths.

The method outlined in the ‘Using Channel State Information for Tamper Detection in the Internet of Things’ study would provide a vital defence against such an attack. Moreover, the algorithm developed by the team is able to distinguish between direct tampering attempts and natural environmental interference, such as a person walking through the WiFi signal.

Dr Utz Roedig, Reader in Lancaster University’s School of Computing and Communications and one of the report’s authors, said: “A large number of Internet of Things systems are using WiFi and many of these require a high level of security. This technique gives us a new way to introduce an additional layer of defence into our communication systems. Given that we use these systems around critically important infrastructure this additional protection is vital.”

The paper was presented by lead author Ibrahim Ethem Bagci at the 31st Annual Computer Applications Conference (ACSAC) in Los Angeles on Wednesday, December 9.

Other contributors to the research include Ivan Martinovic from the University of Oxford and Matthias Schulz and Matthias Hollick from the Technische Universitat Darmstadt.

More information about Lancaster University’s School of Computing and Communications can be found by visiting http://www.lancaster.ac.uk/scc/

You may also like...