Wi-Fi signals can be exploited to detect cyber attackers
19 December 2015
Physical attacks on devices connected to the Internet can be detected by analysing Wi-Fi signals, Lancaster University computer scientists have discovered.
Wireless devices are increasingly used for critical roles, such as security systems or industrial plant automation. Although wireless transmissions can be encrypted to protect transmitted data, it is hard to determine if a device – such as a wirelessly connected security camera protecting critical buildings in airports or power stations – has been tampered with. An attacker may simply rotate a camera’s view away from the area it is guarding without triggering an alert.
Researchers at Lancaster University, in their study*, ‘Using Channel State Information for Tamper Detection in the Internet of Things’, have created a method that analyses Wi-Fi signals at multiple receivers to detect physical attacks. A change in the pattern of wireless signals – known as Channel State Information (CSI) – picked up by the receivers can indicate a tamper situation. The algorithm detects attacks despite signal noise caused by natural changes to the environment such as people walking through the communication paths.
“A large number of Internet of Things systems are using Wi-Fi and many of these require a high level of security," says Dr Utz Roedig, Reader in Lancaster University’s School of Computing and Communications and one of the report’s authors. "This technique gives us a new way to introduce an additional layer of defence into our communication systems. Given that we use these systems around critically important infrastructure this additional protection is vital.”
*The paper was presented by lead author Ibrahim Ethem Bagci at the 31st Annual Computer Applications Conference (ACSAC) in Los Angeles on Wednesday, December 9. Other contributors to the research include Ivan Martinovic from the University of Oxford and Matthias Schulz and Matthias Hollick from the Technische Universitat Darmstadt.