Physics-Based Attacks Manipulate Sensors in IoT Devices

As vendors strive to deliver smart products running on security-sound software, researchers warn of direct threats to the sensors in the systems that make up the world of IoT. Dubbed “transduction attacks,” they rely on analog signals to manipulate the data that prompts the computer system to take an action.

The role of a sensor is to translate specific physical information in a way the computer can interpret and operate upon. Two researchers, Kevin Fu from the University of Michigan and Wenyuan Xu from Zhejiang University, warn that carefully calibrated sound or electromagnetic waves can spoof that information, feeding the computer system erroneous data and causing it to malfunction.

They offer the example of malicious electromagnetic waves hitting a temperature-measuring sensor, causing it to show a value of -1409F, which is 527K below absolute zero. A thermostat on a wall in the background shows the ambient temperature was actually a human-friendly 73F. In a similar experiment, the researchers were able to influence the data output of an accelerometer in a smartphone by playing sounds embedded in a YouTube video.

“Billions of deployed sensors lack designed-in protections against intentional physical manipulation. Most likely, the sensors were designed before the community understood the security risks,” Fu and Xu write in an article in the Communications of the ACM magazine, adding that “vulnerabilities tend to lurk deep within the physics of analog sensors. The risks bubble up into the software layer.”

The analog threat is possible because the software trusts the data from the sensor implicitly. One solution is to have the sensor provide the application additional evidence that its data is trustworthy. The researchers say that supporting details like spectral analytics or confidence indicators could detect malicious signals at known resonant frequencies.

Taking this course would change the paradigm for the makers as they have to add costs and performance limitations into their business equation. Even more, this would entail a shift from a component-centric to a system-centric security model; and change more often than not entails costs, which reflect in the company revenue.

Image credit: Kevin Fu, Wenyuan Xu