Scientists Warn of Transduction Attacks on Sensors (New attack vector for modern devices)

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Professors from universities in China and the US are warning about the impending danger of "transduction attacks" on sensors deployed with everyday devices.

The term "transduction attack" has two meanings. First, the term "transducer" is another word for "sensor," meaning a device that converts variations in a physical quantity, such as pressure or brightness, into an electrical signal, or vice versa. Second, "transduction" is a term used in genetics and defines the process by which foreign DNA is introduced into a cell by a virus or viral vector.
Click to expand...

New attack vector for modern devices
In an article published in the Communications of the ACM magazine, two researchers from the University of Michigan and the Zhejiang University, warn that transductions attacks are a threat to modern-day sensors.

The two use the term to describe when an attacker is using external signals (such as sound, electromagnetic waves, electric signals, etc.) to trick a sensor into reading incorrect data on purpose.

For example, pointing an electromagnetic signal at a thermocouple's temperature sensor can result in the device reading incorrect values if the attacker carefully constructs the electromagnetic waves in such a way that the temperature sensor reacts like it was reading another temperature.

The image below shows one such device reading an impossibly low temperature of -1409° F (-800° C, or 527° K), which is below absolute zero, the result of an obvious transduction attack carried out in a laboratory setting.

Transduction-2.jpg
Click to expand...



Software blindly trusts hardware

Researchers say the problem is that the software that reads data from the sensors blindly trusts these devices, thinking they are incorruptible. In reality, all hardware is susceptible to physics-based transduction attacks.

"Billions of deployed sensors lack designed-in protections against intentional physical manipulation," researchers say. "Most likely, the sensors were designed before the community understood the security risks."

"Researchers have repeatedly shown how an adversary can not only cause denial of service, but also control the sensor output itself with malicious analog signals at the resonant frequency of the sensor. Vulnerabilities tend to lurk deep within the physics of analog sensors," the two said.

The only way researchers can mitigate against such threats is by adding hardware-level protections, or designing sensors to take into account for stronger outside interference, allowing the sensor to work in noisier environments.
Click to expand...
 
  • Like
Reactions: harlan4096
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
EarSpy attack eavesdrops on Android phones via motion sensors
Replies
0
Views
539
News Archive
silversurfer
silversurfer
vtqhtr413
    • Like
Researchers develop "Hot Pixel" malware using sensor and browser data
Replies
5
Views
1,052
News Archive
Andy Ful
Andy Ful
MuzzMelbourne
    • Like
    • +Reputation
Some Android phones are vulnerable to fingerprint brute-force attacks
Replies
7
Views
1,496
News Archive
MuzzMelbourne
MuzzMelbourne

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top