Accepted author manuscript, 3.69 MB, PDF document
Available under license: CC BY: Creative Commons Attribution 4.0 International License
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - Using Channel State Information for Tamper Detection in the Internet of Things
AU - Bagci, Ibrahim Ethem
AU - Roedig, Utz
AU - Martinovic, Ivan
AU - Schulz, Matthias
AU - Hollick, Matthias
PY - 2015/12/5
Y1 - 2015/12/5
N2 - Each 802.11n WiFi frame contains a preamble which allows a receiver to estimate the impact of the wireless channel and of the transmitter on the received signal. The estimation result - the CSI - is used by a receiver to extract the transmitted information. However, as the CSI depends on the communication environment and the transmitter hardware it can as well be used for security purposes. If an attacker tampers with a transmitter it will have an effect on the CSI measured at a receiver. Many IoT devices use WiFi for communication and CSI based tamper detection is a valuable building block for securing the future IoT. Unfortunately not only tamper events lead to CSI fluctuations; movement of people in the communication environment has an impact too. We propose to analyse CSI values of a transmission simultaneously at multiple receivers to improve distinction of tamper and movement events. A moving person has an impact on some but not all communication links between transmitter and the receivers. A temper event impacts on all links between transmitter and the receivers. The paper describes the necessary algorithms for the proposed tamper detection method. In particular we analyse the tamper detection capability in practical deployments with varying intensity of people movement. For example, in our experiments with low movement intensity it was possible to detect all tamper situations (TPR of one) while achieving a zero FPR.
AB - Each 802.11n WiFi frame contains a preamble which allows a receiver to estimate the impact of the wireless channel and of the transmitter on the received signal. The estimation result - the CSI - is used by a receiver to extract the transmitted information. However, as the CSI depends on the communication environment and the transmitter hardware it can as well be used for security purposes. If an attacker tampers with a transmitter it will have an effect on the CSI measured at a receiver. Many IoT devices use WiFi for communication and CSI based tamper detection is a valuable building block for securing the future IoT. Unfortunately not only tamper events lead to CSI fluctuations; movement of people in the communication environment has an impact too. We propose to analyse CSI values of a transmission simultaneously at multiple receivers to improve distinction of tamper and movement events. A moving person has an impact on some but not all communication links between transmitter and the receivers. A temper event impacts on all links between transmitter and the receivers. The paper describes the necessary algorithms for the proposed tamper detection method. In particular we analyse the tamper detection capability in practical deployments with varying intensity of people movement. For example, in our experiments with low movement intensity it was possible to detect all tamper situations (TPR of one) while achieving a zero FPR.
M3 - Conference contribution/Paper
SN - 9781450336826
SP - 131
EP - 140
BT - ACSAC 2015 Proceedings of the 31st Annual Computer Security Applications Conference
PB - ACM
CY - New York
T2 - ACSAC 31 2015 Annual Computer Security Applications Conference
Y2 - 7 December 2015 through 11 December 2015
ER -