Skip to main content
SpringerLink
Log in

A Survey on Sensor False Data Injection Attacks and Countermeasures in Cyber-Physical and Embedded Systems

  • Conference paper
  • First Online:
Information Security Applications (WISA 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13720))

Included in the following conference series:

  • 529 Accesses

Abstract

Cyber-physical system (CPS) and embedded system (ES) has been growing rapidly, embracing safety-critical systems such as automobiles and airplanes. While such systems are traditionally operated by human, recent technology enables autonomous operation, even making critical control decisions by itself. Since decision-making process highly depends on sensor data, it is crucial for safety that outputs from sensors should remain trustworthy at all times. Sensor false data injection (SFDI) attacks target sensors of CPS and ES, to affect their outputs, ultimately to perturb behavior of the entire system.

In a sensor, raw signal is processed at multiple stages to return the measurement. We group them into three layers where signal changes its form. The simple three-layer view can help analyze existing attacks and defenses systematically: where the root cause of an attack is, how an attack is propagating, which layer a defense can protect.

The goals of the survey are to (1) understand the literature of SFDI attacks and defenses clearly, (2) identify current challenges and potential approaches to make sensors secure.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. 14 CFR 91.225 - Automatic Dependent Surveillance-Broadcast (ADS-B) Out equipment and use. https://www.ecfr.gov/current/title-14/chapter-I/subchapter-F/part-91/subpart-C/section-91.225

  2. Amazon Alexa Voice AI. https://developer.amazon.com/en-US/alexa.html

  3. Connected Papers. https://www.connectedpapers.com/

  4. Google Assistant. https://assistant.google.com/

  5. GPS: The Global Positioning System. https://www.gps.gov/

  6. Properties of Lasers. https://www.worldoflasers.com/laserproperties.htm

  7. Siri. https://www.apple.com/siri/

  8. Waymo. https://waymo.com/company/

  9. What are Anti-Lock Brakes & ABS. https://www.wagnerbrake.com/technical/parts-matter/automotive-repair-and-maintenance/guide-to-abs-brakes.html

  10. Abadi, M., Budiu, M., Erlingsson, Ú., Ligatti, J.: Control-flow integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 340–353. CCS 2005, Association for Computing Machinery, New York, NY, USA (2005). https://doi.org/10.1145/1102120.1102165

  11. Bell, A.G.: On the production and reproduction of sound by light. Am. J. Sci. s3–20(118), 305–324 (1880). https://doi.org/10.2475/ajs.s3-20.118.305

  12. Bolton, C., Rampazzi, S., Li, C., Kwong, A., Xu, W., Fu, K.: Blue note: how intentional acoustic interference damages availability and integrity in hard disk drives and operating systems. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 1048–1062. IEEE, San Francisco, CA, May 2018. https://doi.org/10.1109/SP.2018.00050

  13. Cao, Y., et al.: Adversarial sensor attack on LiDAR-based perception in autonomous driving. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS 2019, pp. 2267–2281. ACM Press, London, United Kingdom (2019). https://doi.org/10.1145/3319535.3339815

  14. Carlini, N., et al.: Hidden voice commands. In: 25th USENIX Security Symposium (USENIX Security 16), pp. 513–530. USENIX Association, Austin, TX, August 2016

    Google Scholar 

  15. Chauhan, R.: A platform for false data injection in frequency modulated continuous wave radar. All Graduate Theses and Dissertations, May 2014. https://doi.org/10.26076/6adb-d066

  16. Chen, F., Roşu, G.: Mop: an efficient and generic runtime verification framework. In: Proceedings of the 22nd Annual ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages and Applications, pp. 569–588. OOPSLA 2007, Association for Computing Machinery, New York, NY, USA (2007). https://doi.org/10.1145/1297027.1297069

  17. Choi, H., et al.: Detecting attacks against robotic vehicles: a control invariant approach. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 801–816. CCS 2018, Association for Computing Machinery, New York, NY, USA (2018). https://doi.org/10.1145/3243734.3243752

  18. Costin, A., Francillon, A.: Ghost in the air(Traffic): on insecurity of ADS-B protocol and practical attacks on ADS-B devices. In: EURECOM (ed.) BLACKHAT 2012, 21–26 July 2012, Las Vegas, NV, USA. Las Vegas (2012)

    Google Scholar 

  19. FAA: Remote Identification of Unmanned Aircraft. https://www.federalregister.gov/documents/2021/01/15/2020-28948/remote-identification-of-unmanned-aircraft. Accessed January 2021

  20. Gao, Y., Liu, S., Atia, M.M., Noureldin, A.: INS/GPS/LiDAR integrated navigation system for urban and indoor environments using hybrid scan matching algorithm. Sensors 15(9), 23286–23302 (2015). https://doi.org/10.3390/s150923286

    Article  Google Scholar 

  21. Giraldo, J., et al.: A survey of physics-based attack detection in cyber-physical systems. ACM Comput. Surv. 51(4) (2018). https://doi.org/10.1145/3203245

  22. Göpel, W., Hesse, J., Zemel, J.N.: Sensors: a comprehensive survey (1989)

    Google Scholar 

  23. Huang, L., Yang, Q.: Low-cost GPS simulator GPS spoofing by SDR. In: DEF CON 23 (2015)

    Google Scholar 

  24. Ji, X., et al.: Poltergeist: acoustic adversarial machine learning against cameras and computer vision. In: 2021 IEEE Symposium on Security and Privacy (SP), pp. 160–175. IEEE, San Francisco, CA, USA, May 2021. https://doi.org/10.1109/SP40001.2021.00091

  25. Kasmi, C., Lopes Esteves, J.: IEMI threats for information security: remote command injection on modern smartphones. IEEE Trans. Electromagn. Compat. 57(6), 1752–1755 (2015). https://doi.org/10.1109/TEMC.2015.2463089

    Article  Google Scholar 

  26. Kerns, A.J., Shepard, D.P., Bhatti, J.A., Humphreys, T.E.: Unmanned aircraft capture and control via GPS spoofing. J. Field Robot. 31(4), 617–636 (2014). https://doi.org/10.1002/rob.21513

    Article  Google Scholar 

  27. Koscher, K., et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy, pp. 447–462, May 2010. https://doi.org/10.1109/SP.2010.34

  28. Kune, D.F., et al.: Ghost talk: mitigating EMI signal injection attacks against analog sensors. In: 2013 IEEE Symposium on Security and Privacy, pp. 145–159, May 2013. https://doi.org/10.1109/SP.2013.20

  29. La Rosa, F., Virzì, M.C., Bonaccorso, F., Branciforte, M.: Optical image stabilization (OIS). STMicroelectronics (2015). http://www.st.com/resource/en/white_paper/ois_white_paper.pdf. Accessed 12 Oct 2017

  30. Luo, A.: Drones Hijacking - multi-dimensional attack vectors and countermeasures. In: DEF CON 24 (2016)

    Google Scholar 

  31. Magazu, D.: Exploiting the Automatic Dependent Surveillance-Broadcast System via False Target Injection. Theses and Dissertations, March 2012

    Google Scholar 

  32. Manesh, M.R., Mullins, M., Foerster, K., Kaabouch, N.: A preliminary effort toward investigating the impacts of ADS-B message injection attack. In: 2018 IEEE Aerospace Conference, pp. 1–6, March 2018. https://doi.org/10.1109/AERO.2018.8396610

  33. Maruyama, S., Wakabayashi, S., Mori, T.: Tap ’n ghost: a compilation of novel attack techniques against smartphone touchscreens. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 620–637 (2019). https://doi.org/10.1109/SP.2019.00037

  34. McCallie, D., Butts, J., Mills, R.: Security analysis of the ADS-B implementation in the next generation air transportation system. Int. J. Crit. Infrastruct. Prot. 4(2), 78–87 (2011). https://doi.org/10.1016/j.ijcip.2011.06.001

    Article  Google Scholar 

  35. NHTSA: Federal Motor Vehicle Safety Standards; Electronic Stability Control Systems. https://www.nhtsa.gov/fmvss/federal-motor-vehicle-safety-standards-electronic-stability-control-systems-0

  36. Noh, J., et al.: Tractor beam: safe-hijacking of consumer drones with adaptive GPS spoofing. ACM Trans. Priv. Secur. 22(2) (2019). https://doi.org/10.1145/3309735

  37. Park, Y., Son, Y., Shin, H., Kim, D., Kim, Y.: This ain’t your dose: sensor spoofing attack on medical infusion pump. In: 10th USENIX Workshop on Offensive Technologies (WOOT 16). USENIX Association, Austin, TX, August 2016

    Google Scholar 

  38. Perrig, A., Canetti, R., Tygar, J., Song, D.: The TESLA broadcast authentication protocol. RSA CryptoBytes 5 (2002). https://doi.org/10.1007/978-1-4615-0229-6_3

  39. Petit, J., Stottelaar, B., Feiri, M., Kargl, F.: Remote attacks on automated vehicles sensors: experiments on camera and LiDAR. In: Black Hat Europe, November 2015

    Google Scholar 

  40. Pleban, J.S., Band, R., Creutzburg, R.: Hacking and securing the AR.Drone 2.0 quadcopter: investigations for improving the security of a toy. In: Mobile Devices and Multimedia: Enabling Technologies, Algorithms, and Applications 2014, vol. 9030, p. 90300L. International Society for Optics and Photonics, February 2014. https://doi.org/10.1117/12.2044868

  41. Quinonez, R., Giraldo, J., Salazar, L., Bauman, E., Cardenas, A., Lin, Z.: SAVIOR: securing autonomous vehicles with robust physical invariants. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 895–912. USENIX Association, August 2020

    Google Scholar 

  42. Roy, N., Hassanieh, H., Roy Choudhury, R.: BackDoor: making microphones hear inaudible sounds. In: Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services, pp. 2–14. MobiSys 2017, Association for Computing Machinery, New York, NY, USA (2017). https://doi.org/10.1145/3081333.3081366

  43. Scheiermann, S.: MEMS Sensors Are the Heart of a Drone. https://www.fierceelectronics.com/components/mems-sensors-are-heart-a-drone. Accessed January 2019

  44. Selvaraj, J., Dayanıklı, G.Y., Gaunkar, N.P., Ware, D., Gerdes, R.M., Mina, M.: Electromagnetic induction attacks against embedded systems. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 499–510. ASIACCS 2018, Association for Computing Machinery, New York, NY, USA (2018). https://doi.org/10.1145/3196494.3196556

  45. Shin, H., Kim, D., Kwon, Y., Kim, Y.: Illusion and dazzle: adversarial optical channel exploits against lidars for automotive applications. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 445–467. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_22

    Chapter  Google Scholar 

  46. Shoukry, Y., Martin, P., Tabuada, P., Srivastava, M.: Non-invasive spoofing attacks for anti-lock braking systems. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 55–72. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40349-1_4

    Chapter  Google Scholar 

  47. Shoukry, Y., Martin, P., Yona, Y., Diggavi, S., Srivastava, M.: PyCRA: physical challenge-response authentication for active sensors under spoofing attacks. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1004–1015. CCS 2015, Association for Computing Machinery, New York, NY, USA (2015). https://doi.org/10.1145/2810103.2813679

  48. Son, Y., et al.: Rocking drones with intentional sound noise on gyroscopic sensors. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 881–896. USENIX Association, Washington, D.C., August 2015

    Google Scholar 

  49. Spilker Jr, J.J., Axelrad, P., Parkinson, B.W., Enge, P.: Global Positioning System: Theory and Applications, vol. I. American Institute of Aeronautics and Astronautics, Reston (1996)

    Google Scholar 

  50. Strohmeier, M., Lenders, V., Martinovic, I.: On the security of the automatic dependent surveillance-broadcast protocol. IEEE Commun. Surv. Tutor. 17(2), 1066–1087 (2015). https://doi.org/10.1109/COMST.2014.2365951

    Article  Google Scholar 

  51. Sugawara, T., Cyr, B., Rampazzi, S., Genkin, D., Fu, K.: Light commands: laser-based audio injection attacks on voice-controllable systems. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 2631–2648. USENIX Association, August 2020

    Google Scholar 

  52. Tippenhauer, N.O., Pöpper, C., Rasmussen, K.B., Capkun, S.: On the requirements for successful GPS spoofing attacks. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 75–86. CCS 2011, Association for Computing Machinery, New York, NY, USA (2011). https://doi.org/10.1145/2046707.2046719

  53. Trippel, T., Weisse, O., Xu, W., Honeyman, P., Fu, K.: WALNUT: waging doubt on the integrity of MEMS accelerometers with acoustic injection attacks. In: 2017 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 3–18 (2017). https://doi.org/10.1109/EuroSP.2017.42

  54. Vaidya, T., Zhang, Y., Sherr, M., Shields, C.: Cocaine noodles: exploiting the gap between human and machine speech recognition. In: 9th USENIX Workshop on Offensive Technologies (WOOT 2015). USENIX Association, Washington, D.C., August 2015

    Google Scholar 

  55. Welch, G., Bishop, G., et al.: An introduction to the Kalman filter (1995)

    Google Scholar 

  56. Wikipedia contributors: Automatic dependent Surveillance-Broadcast – Wikipedia, the free encyclopedia

    Google Scholar 

  57. Wikipedia contributors: Inertial measurement unit–Wikipedia, the free encyclopedia

    Google Scholar 

  58. Wikipedia contributors: Sensor – Wikipedia, the free encyclopedia

    Google Scholar 

  59. Xu, W., Yan, C., Jia, W., Ji, X., Liu, J.: Analyzing and enhancing the security of ultrasonic sensors for autonomous vehicles. IEEE Internet Things J. 5(6), 5015–5029 (2018). https://doi.org/10.1109/JIOT.2018.2867917

    Article  Google Scholar 

  60. Yan, C., Xu, W., Liu, J.: Can you trust autonomous vehicles: contactless attacks against sensors of self-driving vehicle. In: DEF CON 24 (2016)

    Google Scholar 

  61. Yan, C., Zhang, G., Ji, X., Zhang, T., Zhang, T., Xu, W.: The feasibility of injecting inaudible voice commands to voice assistants. IEEE Trans. Dependable Secure Comput. 18(3), 1108–1124 (2019). https://doi.org/10.1109/TDSC.2019.2906165

    Article  Google Scholar 

  62. Zhang, G., Yan, C., Ji, X., Zhang, T., Zhang, T., Xu, W.: DolphinAttack: inaudible voice commands. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 103–117. CCS 2017, Association for Computing Machinery, New York, NY, USA (2017). https://doi.org/10.1145/3133956.3134052

Download references

Author information

Authors and Affiliations

  1. Oregon State University, Corvallis, OR, 97331, USA

    Jinhong Choi & Yeongjin Jang

Authors
  1. Jinhong Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yeongjin Jang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jinhong Choi .

Editor information

Editors and Affiliations

  1. Soonchunhyang University, Asan-Si, Korea (Republic of)

    Ilsun You

  2. Dankook University, Yongin, Korea (Republic of)

    Taek-Young Youn

Rights and permissions

Reprints and permissions

Copyright information

© 2023 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Choi, J., Jang, Y. (2023). A Survey on Sensor False Data Injection Attacks and Countermeasures in Cyber-Physical and Embedded Systems. In: You, I., Youn, TY. (eds) Information Security Applications. WISA 2022. Lecture Notes in Computer Science, vol 13720. Springer, Cham. https://doi.org/10.1007/978-3-031-25659-2_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-25659-2_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-25658-5

  • Online ISBN: 978-3-031-25659-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation