Signal Injection Attacks Against Modern Sensors
Supervisors
Suitable for
Abstract
In recent years, the boundaries between the physical and the digital world have become increasingly blurry. Nowadays, many digital systems interact in some way with the physical world. Large and complex cyber-physical systems, such as autonomous and electric vehicles, combine the physical and the digital world and enable the interaction between those two domains. Usually, such systems are equipped with numerous sensors to measure physical quantities, such as temperature, pressure, light, and sound. These physical quantities are vital inputs for the computations and can influence the decision-making process of the system.
However, the nature of an analog sensor makes it not easily possible to
authenticate the physical quantity that triggered
a stimulus [1]. For
instance, a temperature sensor cannot detect if the stimulus was caused by
a legitimate temperature
increase or by an adversary using a hairdryer. This
is a major concern because the integrity of sensor measurements is
critical
to ensuring that a system behaves as intended, and a violation of this
principle can have serious security,
safety and reliability consequences. In
our research, we have shown that different sensors are vulnerable to signal
injection attacks on the physical layer [2, 3, 4].
In this project, a student would analyse the vulnerability of sensors as they
are used in modern systems, such as
cars, the smart grid and IoT devices.
The project will enable the student to research signal injection attacks using
different modalities, such as light, acoustic and electromagnetic waves.
Moreover, the student will be able to assess
the impact of a successful
attack against a system as a whole and work on novel countermeasures that
can help to
improve the security of the next generation of systems.
Prerequisites Some familiarity in the area of digital signal processing and with Python.
Useful URLs https://github.com/ssloxford/ccd-signal-injection-attacks
https://github.com/ssloxford/they-see-me-rollin
https://arxiv.org/pdf/2305.06901
References
[1] Kune, Denis Foo, et al. "Ghost talk: Mitigating EMI signal injection attacks
against analog sensors." 2013 IEEE
Symposium on Security and Privacy. IEEE,
2013.
[2] Köhler, Sebastian, Richard Baker, and Ivan Martinovic. "Signal injection
attacks against ccd image sensors."
Proceedings of the 2022 ACM on Asia
Conference on Computer and Communications Security. 2022.
[3] Köhler, Sebastian, et al. "They See Me Rollin’: Inherent Vulnerability of
the Rolling Shutter in CMOS
Image Sensors." Annual Computer Security
Applications Conference. 2021.
[4] Szakály, Marcell, et al. "Assault and Battery: Evaluating the Security of
Power Conversion Systems Against
Electromagnetic Injection Attacks." arXiv
preprint arXiv:2305.06901 (2023).