WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks

Trippel, Timothy; Weisse, Ofir; Xu, Wenyuan; Honeyman, Peter; Fu, Kevin

doi:10.1109/eurosp.2017.42

Cited by 195 publications

(167 citation statements)

References 13 publications

Supporting

Mentioning

158

Contrasting

Unclassified

Order By: Relevance

“…In short, we find that ICT systems essentially consist of a layered ecosystem of technologies and hardware that have many security vulnerabilities whose source or number may be impossible to assess (e.g. Shin et al, 2015;Trippel et al, 2017). Under these circumstances, the state of cyber security can be described as being in a ''shameful state of unpreparedness'' (Arquilla, 2017, p. 10).…”

Section: The Problem Of Software For Iotmentioning

confidence: 99%

Mapping the Values of IoT

Nicolescu

Huth

Radanliev³

et al. 2018

Journal of Information Technology

View full text Add to dashboard Cite

We investigate the emerging meanings of ''value'' associated with the Internet of Things. Given the current political economy, we argue that the multiple meanings of ''value'' cannot be reduced to a single domain or discipline, but rather they are invariably articulated at the juxtaposition of three domains: social, economic, and technical. We analyse each of these domains and present domain challenges and cross-domain implications -drawing from an interdisciplinary literature review and gap analysis across sources from academia, business, and governments. We propose a functional model that aggregates these findings into a value-driven logic of the emerging global political economy enabled by digital technology in general and IoT in particular. These conceptual contributions highlight the critical need for an interdisciplinary understanding of the meaning of ''value'', so that IoT services and products will create and sustain such concurrent meanings during their entire lifecycle, from design to consumption and retirement or recycling.

show abstract

Section: The Problem Of Software For Iotmentioning

confidence: 99%

Mapping the Values of IoT

Nicolescu

Huth

Radanliev³

et al. 2018

Journal of Information Technology

View full text Add to dashboard Cite

show abstract

“…To motivate our definition, the term injection was chosen because it captures the fact that values reported by a system are altered; it is not channel-specific; and it has already been adopted by different works [5], [11], [13], [35]- [44]. The out-of-band qualifier is necessary to distinguish the attacks studied in this survey from signal injection attacks on sensors using pulse reflections such as LiDARs [9], [14], [31], signal injection attacks on the physical layer of communication protocols [45], and false data injection attacks [28], [46].…”

Section: Choice Of Terminologymentioning

confidence: 99%

“…The term (sensor) spoofing [8], [9], [14], [43] was also Injection [5], [13], [35], [38], [41]- [44] Intentional Interference [5], [10], [12], [36], [38], [40], [42], [49] Non-Linearity [11], [54], [55], [68] Spoofing [8], [9], [14], [43] Other (See Text) [7], [53], [67] avoided for similar reasons: it has an overloaded meaning in authentication contexts and with in-band signal injection attacks [6], [52]. Moreover, it does not capture the physical aspect of injections, and does not accurately describe coarsegrained attacks which lead to saturation of a sensor.…”

Section: Choice Of Terminologymentioning

confidence: 99%

“…The specific circuit properties that allow adversarial signals to be injected into a device vary with the injection method and module targeted. For example, EM attacks typically depend on unintentional antennas in Printed Circuit Board (PCB) traces [5], while acoustic attacks exploit resonance in gyroscopes [10] and accelerometers [13]. As each attack exploits unique properties of the target device, the details of specific hardware imperfections in sensors and other modules are only expanded upon in subsequent sections.…”

Section: System and Adversary Modelmentioning

confidence: 99%

See 1 more Smart Citation

Taxonomy and Challenges of Out-of-Band Signal Injection Attacks and Defenses

Giechaskiel

Rasmussen

2020

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

Recent research has shown that the integrity of sensor measurements can be violated through out-of-band signal injection attacks. These attacks target the conversion process from a physical quantity to an analog property-a process that fundamentally cannot be authenticated. Out-of-band signal injection attacks thus pose previously-unexplored security risks by exploiting hardware imperfections in the sensors themselves, or in their interfaces to microcontrollers. In response to the growingyet-disjointed literature in the subject, this article presents the first survey of out-of-band signal injection attacks. It focuses on unifying their terminology and identifying commonalities in their causes and effects through a chronological, evolutionary, and thematic taxonomy of attacks. By highlighting cross-influences between different types of out-of-band signal injections, this paper underscores the need for a common language irrespective of the attack method. By placing attack and defense mechanisms in the wider context of their dual counterparts of side-channel leakage and electromagnetic interference, this study identifies common threads and gaps that can help guide and inform future research. Overall, the ever-increasing reliance on sensors embedded in everyday commodity devices necessitates that a stronger focus be placed on improving the security of such systems against out-of-band signal injection attacks.

show abstract

“…However, the multi-electrode EMG sensor [52] is sizable and must be placed close to muscles. Walking to generate keys [48] may be inconvenient and the used inertial measurement units (IMUs) may be vulnerable to remote acoustic attack [41].…”

Section: Related Workmentioning

confidence: 99%

Towards Touch-to-Access Device Authentication Using Induced Body Electric Potentials

Yan

Song

Tan

et al. 2019

The 25th Annual International Conference on Mobile Computing and Networking

View full text Add to dashboard Cite

This paper presents TouchAuth, a new touch-to-access device authentication approach using induced body electric potentials (iBEPs) caused by the indoor ambient electric field that is mainly emitted from the building's electrical cabling. The design of TouchAuth is based on the electrostatics of iBEP generation and a resulting property, i.e., the iBEPs at two close locations on the same human body are similar, whereas those from different human bodies are distinct. Extensive experiments verify the above property and show that TouchAuth achieves high-profile receiver operating characteristics in implementing the touch-to-access policy. Our experiments also show that a range of possible interfering sources including appliances' electromagnetic emanations and noise injections into the power network do not affect the performance of TouchAuth. A key advantage of TouchAuth is that the iBEP sensing requires a simple analog-to-digital converter only, which is widely available on microcontrollers. Compared with existing approaches including intra-body communication and physiological sensing, TouchAuth is a low-cost, lightweight, and convenient approach for authorized users to access the smart objects found in indoor environments. * This work was completed while Yang Li was with Advanced Digital Sciences Center, Illinois at Singapore.• Human-centered computing → Ubiquitous and mobile computing; • Computer systems organization → Embedded and cyber-physical systems; • Networks → Mobile and wireless security.

show abstract

WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks

Cited by 195 publications

References 13 publications

Mapping the Values of IoT

Mapping the Values of IoT

Taxonomy and Challenges of Out-of-Band Signal Injection Attacks and Defenses

Towards Touch-to-Access Device Authentication Using Induced Body Electric Potentials

Contact Info

Product

Resources

About