TY - GEN
T1 - Towards Wireless Spiking of Smart Locks
AU - Mohammed, Abdullah Z.
AU - Singh, Alok
AU - Dayanikli, Gokcen Y.
AU - Gerdes, Ryan
AU - Mina, Mani
AU - Li, Ming
N1 - Funding Information: Acknowledgements: This work is supported in part by the National Science Foundation (NSF Grant CNS-1801611) and Army Research Office (ARO Grant W911NF-21-1-0320). Publisher Copyright: © 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - The rapid growth of the Internet-of-Things (IoT) has made Smart Homes not only possible but popular in our society. While devices such as wireless security cameras, smart locks, etc. can be more convenient than their traditional counterparts, and may even lead to an increased sense of security, they may actually cause an increase in the attack surface of a home. For example, successful cyber attacks against these smart devices has been extensively documented in the literature. In contrast to existing work we discuss the vulnerabilities of these devices from a cyber-physical perspective; specifically, the threat posed by intentional electromagnetic interference (IEMI). In this paper, we present a methodology to carry out 'wireless spiking' attacks on smart lock devices that would allow an unauthenticated adversary to open a lock, without direct physical tampering, through the manipulation of its electrical control circuitry using IEMI. We demonstrate the proposed methodology - reverse engineering, identification of attack points, development of an attack vector, and design and transmission of attack signals - on a commercially popular smart lock. In doing so we lay the groundwork for wireless spiking attacks on smart locks, in general.
AB - The rapid growth of the Internet-of-Things (IoT) has made Smart Homes not only possible but popular in our society. While devices such as wireless security cameras, smart locks, etc. can be more convenient than their traditional counterparts, and may even lead to an increased sense of security, they may actually cause an increase in the attack surface of a home. For example, successful cyber attacks against these smart devices has been extensively documented in the literature. In contrast to existing work we discuss the vulnerabilities of these devices from a cyber-physical perspective; specifically, the threat posed by intentional electromagnetic interference (IEMI). In this paper, we present a methodology to carry out 'wireless spiking' attacks on smart lock devices that would allow an unauthenticated adversary to open a lock, without direct physical tampering, through the manipulation of its electrical control circuitry using IEMI. We demonstrate the proposed methodology - reverse engineering, identification of attack points, development of an attack vector, and design and transmission of attack signals - on a commercially popular smart lock. In doing so we lay the groundwork for wireless spiking attacks on smart locks, in general.
KW - IoT security
KW - cyber physical systems security
KW - intentional electromagnetic interference (IEMI)
KW - smart lock
UR - http://www.scopus.com/inward/record.url?scp=85136084074&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85136084074&partnerID=8YFLogxK
U2 - 10.1109/SPW54247.2022.9833877
DO - 10.1109/SPW54247.2022.9833877
M3 - Conference contribution
T3 - Proceedings - 43rd IEEE Symposium on Security and Privacy Workshops, SPW 2022
SP - 251
EP - 257
BT - Proceedings - 43rd IEEE Symposium on Security and Privacy Workshops, SPW 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 43rd IEEE Symposium on Security and Privacy Workshops, SPW 2022
Y2 - 1 January 2022
ER -