research-article

Using Channel State Information for Tamper Detection in the Internet of Things

Authors:

Ibrahim Ethem Bagci,

Ivan Martinovic,

Matthias Schulz,

Matthias HollickAuthors Info & Claims

ACSAC '15: Proceedings of the 31st Annual Computer Security Applications Conference

Pages 131 - 140

https://doi.org/10.1145/2818000.2818028

Published: 07 December 2015 Publication History

Abstract

The Internet of Things (IoT) is increasingly used for critical applications and securing the IoT has become a major concern. Among other issues it is important to ensure that tampering with IoT devices is detected. Many IoT devices use WiFi for communication and Channel State Information (CSI) based tamper detection is a valid option. Each 802.11n WiFi frame contains a preamble which allows a receiver to estimate the impact of the wireless channel, the transmitter and the receiver on the signal. The estimation result - the CSI - is used by a receiver to extract the transmitted information. However, as the CSI depends on the communication environment and the transmitter hardware, it can be used as well for security purposes. If an attacker tampers with a transmitter it will have an effect on the CSI measured at a receiver. Unfortunately not only tamper events lead to CSI fluctuations; movement of people in the communication environment has an impact too. We propose to analyse CSI values of a transmission simultaneously at multiple receivers to improve distinction of tamper and movement events. A moving person is expected to have an impact on some but not all communication links between transmitter and the receivers. A tamper event impacts on all links between transmitter and the receivers. The paper describes the necessary algorithms for the proposed tamper detection method. In particular we analyse the tamper detection capability in practical deployments with varying intensity of people movement. In our experiments the proposed system deployed in a busy office environment was capable to detect 53% of tamper events (TPR = 53%) while creating zero false alarms (FPR = 0%).

References

[1]

I. E. Bagci, U. Roedig, M. Schulz, and M. Hollick. Short Paper: Gathering Tamper Evidence in Wi-fi Networks Based on Channel State Information. In Proc. Wisec'14, 2014.

Digital Library

[2]

M. Bor, A. King, and U. Roedig. Lifetime bounds of Wi-Fi Enabled Sensor Nodes. In Proc. IUPT'15, 2015.

[3]

V. Brik, S. Banerjee, M. Gruteser, and S. Oh. Wireless Device Identification with Radiometric Signatures. In Proc. MobiCom'08, 2008.

Digital Library

[4]

B. Danev and S. Capkun. Transient-based Identification of Wireless Sensor Nodes. In Proc. IPSN'09, 2009.

Digital Library

[5]

B. Danev, T. S. Heydt-Benjamin, and S. Capkun. Physical-layer Identification of RFID Devices. In Proc. USENIX'09, 2009.

Digital Library

[6]

B. Danev, D. Zanetti, and S. Capkun. On Physical-layer Identification of Wireless Devices. ACM Comput. Surv., 45(1):6, 2012.

Digital Library

[7]

D. B. Faria and D. R. Cheriton. Detecting identity-based attacks in wireless networks using signalprints. In Proc. WiSe'06, 2006.

Digital Library

[8]

D. Halperin, W. Hu, A. Sheth, and D. Wetherall. Tool Release: Gathering 802.11n Traces with Channel State Information. ACM SIGCOMM CCR, 41(1):53, 2011.

Digital Library

[9]

IEEE 802.11 Working Group. IEEE 802.11n-2009. IEEE Std, 802:1--51, 2010.

[10]

Z. Jiang, J. Zhao, X.-Y. Li, J. Han, and W. Xi. Rejecting the Attack: Source Authentication for Wi-Fi Management Frames using CSI Information. In Proc. INFOCOM'13, 2013.

[11]

Z. Li, W. Xu, R. Miller, and W. Trappe. Securing wireless systems via lower layer enforcements. In Proc. WiSe'06, 2006.

Digital Library

[12]

P. C. Mahalanobis. On the generalized distance in statistics. Proceedings of the National Institute of Sciences (Calcutta), 2:49--55, 1936.

[13]

N. Patwari and S. K. Kasera. Robust location distinction using temporal link signatures. In Proc. MobiCom'07, 2007.

Digital Library

[14]

Y. Rubner, C. Tomasi, and L. J. Guibas. The earth mover's distance as a metric for image retrieval. International journal of computer vision, 40(2):99--121, 2000.

Digital Library

[15]

O. Ureten and N. Serinken. Wireless security through RF fingerprinting. Electrical and Computer Engineering, Canadian Journal of, 32(1):27--33, 2007.

[16]

J. Xiong and K. Jamieson. SecureArray: Improving Wifi Security with Fine-grained Physical-layer Information. In Proc. MobiCom'13, 2013.

Digital Library

[17]

J. Zhang, M. H. Firooz, N. Patwari, and S. K. Kasera. Advancing Wireless Link Signatures for Location Distinction. In Proc. MobiCom'08, 2008.

Digital Library

Cited By

Liu WPapadimitratos P(2024)Position-based Rogue Access Point Detection2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)10.1109/EuroSPW61312.2024.00055(436-442)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSPW61312.2024.00055
Chan PChao JWu R(2023)A Wi-Fi-Based Passive Indoor Positioning System via Entropy-Enhanced Deployment of Wi-Fi SniffersSensors10.3390/s2303137623:3(1376)Online publication date: 26-Jan-2023
https://doi.org/10.3390/s23031376
Du HWang YXu XLiu M(2023)Niffler: Real-time Device-level Anomalies Detection in Smart HomeACM Transactions on the Web10.1145/358607317:3(1-27)Online publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1145/3586073
Show More Cited By

Index Terms

Using Channel State Information for Tamper Detection in the Internet of Things
1. Networks
  1. Network services
    1. Network monitoring

Recommendations

Exact Error Rate Analysis of MIMO-MRC System under Cochannel Interference and Imperfect Channel State Information

In this paper, we derive closed-form solution for the bit error rate of multi-input multi-output (MIMO) system with maximum ratio combining. We consider binary PSK modulation suffers from cochannel interference (CCI) and imperfect channel state ...
Predictable 802.11 packet delivery from wireless channel measurements
SIGCOMM '10: Proceedings of the ACM SIGCOMM 2010 conference

RSSI is known to be a fickle indicator of whether a wireless link will work, for many reasons. This greatly complicates operation because it requires testing and adaptation to find the best rate, transmit power or other parameter that is tuned to boost ...
An adaptive detection and suppression of co-channel interference in DVB-T/H system

Channel state information (CSI) is defined as the signal-to-noise ratio (SNR) for a sub-carrier position. In white noise channels it is proportional to magnitude of the channel frequency response (CFR). However, if the channel introduces frequency ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ACSAC '15: Proceedings of the 31st Annual Computer Security Applications Conference

December 2015

489 pages

ISBN:9781450336826

DOI:10.1145/2818000

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

ACSA: Applied Computing Security Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 December 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ACSAC 2015

ACSAC 2015: 2015 Annual Computer Security Applications Conference

December 7 - 11, 2015

CA, Los Angeles, USA

Acceptance Rates

Overall Acceptance Rate 104 of 497 submissions, 21%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

33
Total Citations
View Citations
782
Total Downloads

Downloads (Last 12 months)43
Downloads (Last 6 weeks)6

Reflects downloads up to 10 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Liu WPapadimitratos P(2024)Position-based Rogue Access Point Detection2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)10.1109/EuroSPW61312.2024.00055(436-442)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSPW61312.2024.00055
Chan PChao JWu R(2023)A Wi-Fi-Based Passive Indoor Positioning System via Entropy-Enhanced Deployment of Wi-Fi SniffersSensors10.3390/s2303137623:3(1376)Online publication date: 26-Jan-2023
https://doi.org/10.3390/s23031376
Du HWang YXu XLiu M(2023)Niffler: Real-time Device-level Anomalies Detection in Smart HomeACM Transactions on the Web10.1145/358607317:3(1-27)Online publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1145/3586073
He YLiu JLi MYu GHan JRen KCosta XHassanieh HAsadi ACox LPerino DWidmer JGiustiniano D(2023)SenCom: Integrated Sensing and Communication with Practical WiFiProceedings of the 29th Annual International Conference on Mobile Computing and Networking10.1145/3570361.3613274(1-16)Online publication date: 2-Oct-2023
https://dl.acm.org/doi/10.1145/3570361.3613274
Yan DYan YYang PSong WLi XLiu P(2023)Real-Time Identification of Rogue WiFi Connections in the WildIEEE Internet of Things Journal10.1109/JIOT.2022.322368210:7(6042-6058)Online publication date: 1-Apr-2023
https://doi.org/10.1109/JIOT.2022.3223682
Dehmollaian EEtzlinger BTorres NSpringer A(2022)DL-Based Physical Tamper Attack Detection in OFDM Systems with Multiple Receiver Antennas: A Performance–Complexity Trade-OffSensors10.3390/s2217654722:17(6547)Online publication date: 30-Aug-2022
https://doi.org/10.3390/s22176547
Alshomrani SLi S(2022)PUFDCAWireless Communications & Mobile Computing10.1155/2022/63675792022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/6367579
Lin YGao YLi BDong W(2022)Detecting Rogue Access Points Using Client-agnostic Wireless FingerprintsACM Transactions on Sensor Networks10.1145/353642319:1(1-25)Online publication date: 8-Dec-2022
https://dl.acm.org/doi/10.1145/3536423
Staat PTobisch JZenger CPaar C(2022)Anti-Tamper Radio: System-Level Tamper Detection for Computing Systems2022 IEEE Symposium on Security and Privacy (SP)10.1109/SP46214.2022.9833631(1722-1736)Online publication date: May-2022
https://doi.org/10.1109/SP46214.2022.9833631
Awal MMadanayake ARahman M(2022)Nearfield RF Sensing for Feature-Detection and Algorithmic Classification of Tamper AttacksIEEE Journal of Radio Frequency Identification10.1109/JRFID.2022.31966626(490-499)Online publication date: 2022
https://doi.org/10.1109/JRFID.2022.3196662
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents