Sonic Cyber Attack Shows Security Holes in Sensors Used by the Internet of Things
The new work calls into question the longstanding computer science tenet that software can automatically trust hardware sensors, which feed autonomous systems with fundamental data they need to make decisions.
The inertial sensors involved in this research are known as capacitive MEMS accelerometers. They measure the rate of change in an object’s speed in three dimensions.
Kevin Fu, associate professor of computer science and engineering, led a team of researchers who used sound to trick hardware sensors called accelerometers in a host of popular consumer electronics.
It turns out they can be tricked. Led by Kevin Fu, U-M associate professor of computer science and engineering, the team used precisely tuned acoustic tones to deceive 15 different models of accelerometers into registering movement that never occurred. The approach served as a backdoor into the devices—enabling the researchers to control other aspects of the system.
“The fundamental physics of the hardware allowed us to trick sensors into delivering a false reality to the microprocessor,” Fu said. “Our findings upend widely held assumptions about the security of the underlying hardware.
With a $5 speaker, University of Michigan researchers fooled hardware sensors called accelerometers in a way that gave the researchers access to other aspect of the system.
The researchers performed several proof-of-concept demonstrations: They used a $5 speaker to inject thousands of fictitious steps into a Fitbit. They played a malicious music file from a smartphone’s own speaker to control the phone’s accelerometer trusted by an Android app to pilot a toy remote control car. They used a different malicious music file to cause a Samsung Galaxy S5′s accelerometer to spell out the word “WALNUT” in a graph of its readings.
All accelerometers have an analog core—a mass suspended on springs. When the object the accelerometer is embedded in changes speed or direction, the mass moves accordingly. The digital components in the accelerometer process the signal and ferry it to other circuits.
“Analog is the new digital when it comes to cybersecurity,” Fu said. “Thousands of everyday devices already contain tiny MEMS accelerometers. Tomorrow’s devices will aggressively rely on sensors to make automated decisions with kinetic consequences.”
Autonomous systems like package delivery drones and self-driving cars, for example, base their decisions on what their sensors tell them, said Timothy Trippel, a doctoral student in computer science and engineering and first author of a new paper on the findings.
“Humans have sensors, like eyes, ears and a nose. We trust our senses and we use them to make decisions,” Trippel said. “If autonomous systems can’t trust their senses, then the security and reliability of those systems will fail.”
The trick Trippel and Fu introduced exploits the same phenomenon behind the legend of the opera singer breaking a wine glass. Key to that process is hitting the right note—the glass’ resonant frequency.
The researchers identified the resonant frequencies of 20 different accelerometers from five different manufacturers. Then instead of shattering the chips, they tricked them into decoding sounds as false sensor readings that they then delivered to the microprocessor.
Michigan Engineering researchers used a malicious music file to hack into a Samsung Galaxy S5, coaxing its accelerometer to read out the word WALNUT. While the attack itself doesn’t sound all that frightening, in principle, it revealed a major security hole in certain commonplace hardware sensors.
The university is pursuing patent protection for the intellectual property and is seeking commercialization partners to help bring the technology to market.
The researchers will present a paper on the work April 26 in Paris at the IEEE European Symposium on Security and Privacy. The paper is titled “WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks.” The research was supported by the National Science Foundation.
Contacts and sources:
University of Michigan
Source: http://www.ineffableisland.com/2017/03/sonic-cyber-attack-shows-security-holes.html
Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.
"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.
Before It’s News® is a community of individuals who report on what’s going on around them, from all around the world. Anyone can join. Anyone can contribute. Anyone can become informed about their world. "United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.
LION'S MANE PRODUCT
Try Our Lion’s Mane WHOLE MIND Nootropic Blend 60 Capsules
Mushrooms are having a moment. One fabulous fungus in particular, lion’s mane, may help improve memory, depression and anxiety symptoms. They are also an excellent source of nutrients that show promise as a therapy for dementia, and other neurodegenerative diseases. If you’re living with anxiety or depression, you may be curious about all the therapy options out there — including the natural ones.Our Lion’s Mane WHOLE MIND Nootropic Blend has been formulated to utilize the potency of Lion’s mane but also include the benefits of four other Highly Beneficial Mushrooms. Synergistically, they work together to Build your health through improving cognitive function and immunity regardless of your age. Our Nootropic not only improves your Cognitive Function and Activates your Immune System, but it benefits growth of Essential Gut Flora, further enhancing your Vitality.
Our Formula includes: Lion’s Mane Mushrooms which Increase Brain Power through nerve growth, lessen anxiety, reduce depression, and improve concentration. Its an excellent adaptogen, promotes sleep and improves immunity. Shiitake Mushrooms which Fight cancer cells and infectious disease, boost the immune system, promotes brain function, and serves as a source of B vitamins. Maitake Mushrooms which regulate blood sugar levels of diabetics, reduce hypertension and boosts the immune system. Reishi Mushrooms which Fight inflammation, liver disease, fatigue, tumor growth and cancer. They Improve skin disorders and soothes digestive problems, stomach ulcers and leaky gut syndrome. Chaga Mushrooms which have anti-aging effects, boost immune function, improve stamina and athletic performance, even act as a natural aphrodisiac, fighting diabetes and improving liver function. Try Our Lion’s Mane WHOLE MIND Nootropic Blend 60 Capsules Today. Be 100% Satisfied or Receive a Full Money Back Guarantee. Order Yours Today by Following This Link.
