TY - GEN
T1 - A Framework for Evaluating Security in the Presence of Signal Injection Attacks
AU - Giechaskiel, Ilias
AU - Zhang, Youqian
AU - Rasmussen, Kasper B.
N1 - Publisher Copyright:
© 2019, Springer Nature Switzerland AG.
PY - 2019/9
Y1 - 2019/9
N2 - Sensors are embedded in security-critical applications from medical devices to nuclear power plants, but their outputs can be spoofed through electromagnetic and other types of signals transmitted by attackers at a distance. To address the lack of a unifying framework for evaluating the effect of such transmissions, we introduce a system and threat model for signal injection attacks. We further define the concepts of existential, selective, and universal security, which address attacker goals from mere disruptions of the sensor readings to precise waveform injections. Moreover, we introduce an algorithm which allows circuit designers to concretely calculate the security level of real systems. Finally, we apply our definitions and algorithm in practice using measurements of injections against a smartphone microphone, and analyze the demodulation characteristics of commercial Analog-to-Digital Converters (ADCs). Overall, our work highlights the importance of evaluating the susceptibility of systems against signal injection attacks, and introduces both the terminology and the methodology to do so.
AB - Sensors are embedded in security-critical applications from medical devices to nuclear power plants, but their outputs can be spoofed through electromagnetic and other types of signals transmitted by attackers at a distance. To address the lack of a unifying framework for evaluating the effect of such transmissions, we introduce a system and threat model for signal injection attacks. We further define the concepts of existential, selective, and universal security, which address attacker goals from mere disruptions of the sensor readings to precise waveform injections. Moreover, we introduce an algorithm which allows circuit designers to concretely calculate the security level of real systems. Finally, we apply our definitions and algorithm in practice using measurements of injections against a smartphone microphone, and analyze the demodulation characteristics of commercial Analog-to-Digital Converters (ADCs). Overall, our work highlights the importance of evaluating the susceptibility of systems against signal injection attacks, and introduces both the terminology and the methodology to do so.
KW - Analog-to-Digital Converters
KW - Electromagnetic interference
KW - Non-linearities
KW - Security metrics
KW - Signal injection attacks
UR - https://www.scopus.com/pages/publications/85075625595
U2 - 10.1007/978-3-030-29959-0_25
DO - 10.1007/978-3-030-29959-0_25
M3 - Conference article published in proceeding or book
AN - SCOPUS:85075625595
SN - 9783030299583
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 512
EP - 532
BT - Computer Security – ESORICS 2019 - 24th European Symposium on Research in Computer Security, Proceedings
A2 - Sako, Kazue
A2 - Schneider, Steve
A2 - Ryan, Peter Y.A.
PB - Springer
T2 - 24th European Symposium on Research in Computer Security, ESORICS 2019
Y2 - 23 September 2019 through 27 September 2019
ER -