Abstract
Cyber-physical system (CPS) and embedded system (ES) has been growing rapidly, embracing safety-critical systems such as automobiles and airplanes. While such systems are traditionally operated by human, recent technology enables autonomous operation, even making critical control decisions by itself. Since decision-making process highly depends on sensor data, it is crucial for safety that outputs from sensors should remain trustworthy at all times. Sensor false data injection (SFDI) attacks target sensors of CPS and ES, to affect their outputs, ultimately to perturb behavior of the entire system.
In a sensor, raw signal is processed at multiple stages to return the measurement. We group them into three layers where signal changes its form. The simple three-layer view can help analyze existing attacks and defenses systematically: where the root cause of an attack is, how an attack is propagating, which layer a defense can protect.
The goals of the survey are to (1) understand the literature of SFDI attacks and defenses clearly, (2) identify current challenges and potential approaches to make sensors secure.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
14 CFR 91.225 - Automatic Dependent Surveillance-Broadcast (ADS-B) Out equipment and use. https://www.ecfr.gov/current/title-14/chapter-I/subchapter-F/part-91/subpart-C/section-91.225
Amazon Alexa Voice AI. https://developer.amazon.com/en-US/alexa.html
Connected Papers. https://www.connectedpapers.com/
Google Assistant. https://assistant.google.com/
GPS: The Global Positioning System. https://www.gps.gov/
Properties of Lasers. https://www.worldoflasers.com/laserproperties.htm
Waymo. https://waymo.com/company/
What are Anti-Lock Brakes & ABS. https://www.wagnerbrake.com/technical/parts-matter/automotive-repair-and-maintenance/guide-to-abs-brakes.html
Abadi, M., Budiu, M., Erlingsson, Ú., Ligatti, J.: Control-flow integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 340–353. CCS 2005, Association for Computing Machinery, New York, NY, USA (2005). https://doi.org/10.1145/1102120.1102165
Bell, A.G.: On the production and reproduction of sound by light. Am. J. Sci. s3–20(118), 305–324 (1880). https://doi.org/10.2475/ajs.s3-20.118.305
Bolton, C., Rampazzi, S., Li, C., Kwong, A., Xu, W., Fu, K.: Blue note: how intentional acoustic interference damages availability and integrity in hard disk drives and operating systems. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 1048–1062. IEEE, San Francisco, CA, May 2018. https://doi.org/10.1109/SP.2018.00050
Cao, Y., et al.: Adversarial sensor attack on LiDAR-based perception in autonomous driving. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS 2019, pp. 2267–2281. ACM Press, London, United Kingdom (2019). https://doi.org/10.1145/3319535.3339815
Carlini, N., et al.: Hidden voice commands. In: 25th USENIX Security Symposium (USENIX Security 16), pp. 513–530. USENIX Association, Austin, TX, August 2016
Chauhan, R.: A platform for false data injection in frequency modulated continuous wave radar. All Graduate Theses and Dissertations, May 2014. https://doi.org/10.26076/6adb-d066
Chen, F., Roşu, G.: Mop: an efficient and generic runtime verification framework. In: Proceedings of the 22nd Annual ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages and Applications, pp. 569–588. OOPSLA 2007, Association for Computing Machinery, New York, NY, USA (2007). https://doi.org/10.1145/1297027.1297069
Choi, H., et al.: Detecting attacks against robotic vehicles: a control invariant approach. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 801–816. CCS 2018, Association for Computing Machinery, New York, NY, USA (2018). https://doi.org/10.1145/3243734.3243752
Costin, A., Francillon, A.: Ghost in the air(Traffic): on insecurity of ADS-B protocol and practical attacks on ADS-B devices. In: EURECOM (ed.) BLACKHAT 2012, 21–26 July 2012, Las Vegas, NV, USA. Las Vegas (2012)
FAA: Remote Identification of Unmanned Aircraft. https://www.federalregister.gov/documents/2021/01/15/2020-28948/remote-identification-of-unmanned-aircraft. Accessed January 2021
Gao, Y., Liu, S., Atia, M.M., Noureldin, A.: INS/GPS/LiDAR integrated navigation system for urban and indoor environments using hybrid scan matching algorithm. Sensors 15(9), 23286–23302 (2015). https://doi.org/10.3390/s150923286
Giraldo, J., et al.: A survey of physics-based attack detection in cyber-physical systems. ACM Comput. Surv. 51(4) (2018). https://doi.org/10.1145/3203245
Göpel, W., Hesse, J., Zemel, J.N.: Sensors: a comprehensive survey (1989)
Huang, L., Yang, Q.: Low-cost GPS simulator GPS spoofing by SDR. In: DEF CON 23 (2015)
Ji, X., et al.: Poltergeist: acoustic adversarial machine learning against cameras and computer vision. In: 2021 IEEE Symposium on Security and Privacy (SP), pp. 160–175. IEEE, San Francisco, CA, USA, May 2021. https://doi.org/10.1109/SP40001.2021.00091
Kasmi, C., Lopes Esteves, J.: IEMI threats for information security: remote command injection on modern smartphones. IEEE Trans. Electromagn. Compat. 57(6), 1752–1755 (2015). https://doi.org/10.1109/TEMC.2015.2463089
Kerns, A.J., Shepard, D.P., Bhatti, J.A., Humphreys, T.E.: Unmanned aircraft capture and control via GPS spoofing. J. Field Robot. 31(4), 617–636 (2014). https://doi.org/10.1002/rob.21513
Koscher, K., et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy, pp. 447–462, May 2010. https://doi.org/10.1109/SP.2010.34
Kune, D.F., et al.: Ghost talk: mitigating EMI signal injection attacks against analog sensors. In: 2013 IEEE Symposium on Security and Privacy, pp. 145–159, May 2013. https://doi.org/10.1109/SP.2013.20
La Rosa, F., Virzì, M.C., Bonaccorso, F., Branciforte, M.: Optical image stabilization (OIS). STMicroelectronics (2015). http://www.st.com/resource/en/white_paper/ois_white_paper.pdf. Accessed 12 Oct 2017
Luo, A.: Drones Hijacking - multi-dimensional attack vectors and countermeasures. In: DEF CON 24 (2016)
Magazu, D.: Exploiting the Automatic Dependent Surveillance-Broadcast System via False Target Injection. Theses and Dissertations, March 2012
Manesh, M.R., Mullins, M., Foerster, K., Kaabouch, N.: A preliminary effort toward investigating the impacts of ADS-B message injection attack. In: 2018 IEEE Aerospace Conference, pp. 1–6, March 2018. https://doi.org/10.1109/AERO.2018.8396610
Maruyama, S., Wakabayashi, S., Mori, T.: Tap ’n ghost: a compilation of novel attack techniques against smartphone touchscreens. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 620–637 (2019). https://doi.org/10.1109/SP.2019.00037
McCallie, D., Butts, J., Mills, R.: Security analysis of the ADS-B implementation in the next generation air transportation system. Int. J. Crit. Infrastruct. Prot. 4(2), 78–87 (2011). https://doi.org/10.1016/j.ijcip.2011.06.001
NHTSA: Federal Motor Vehicle Safety Standards; Electronic Stability Control Systems. https://www.nhtsa.gov/fmvss/federal-motor-vehicle-safety-standards-electronic-stability-control-systems-0
Noh, J., et al.: Tractor beam: safe-hijacking of consumer drones with adaptive GPS spoofing. ACM Trans. Priv. Secur. 22(2) (2019). https://doi.org/10.1145/3309735
Park, Y., Son, Y., Shin, H., Kim, D., Kim, Y.: This ain’t your dose: sensor spoofing attack on medical infusion pump. In: 10th USENIX Workshop on Offensive Technologies (WOOT 16). USENIX Association, Austin, TX, August 2016
Perrig, A., Canetti, R., Tygar, J., Song, D.: The TESLA broadcast authentication protocol. RSA CryptoBytes 5 (2002). https://doi.org/10.1007/978-1-4615-0229-6_3
Petit, J., Stottelaar, B., Feiri, M., Kargl, F.: Remote attacks on automated vehicles sensors: experiments on camera and LiDAR. In: Black Hat Europe, November 2015
Pleban, J.S., Band, R., Creutzburg, R.: Hacking and securing the AR.Drone 2.0 quadcopter: investigations for improving the security of a toy. In: Mobile Devices and Multimedia: Enabling Technologies, Algorithms, and Applications 2014, vol. 9030, p. 90300L. International Society for Optics and Photonics, February 2014. https://doi.org/10.1117/12.2044868
Quinonez, R., Giraldo, J., Salazar, L., Bauman, E., Cardenas, A., Lin, Z.: SAVIOR: securing autonomous vehicles with robust physical invariants. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 895–912. USENIX Association, August 2020
Roy, N., Hassanieh, H., Roy Choudhury, R.: BackDoor: making microphones hear inaudible sounds. In: Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services, pp. 2–14. MobiSys 2017, Association for Computing Machinery, New York, NY, USA (2017). https://doi.org/10.1145/3081333.3081366
Scheiermann, S.: MEMS Sensors Are the Heart of a Drone. https://www.fierceelectronics.com/components/mems-sensors-are-heart-a-drone. Accessed January 2019
Selvaraj, J., Dayanıklı, G.Y., Gaunkar, N.P., Ware, D., Gerdes, R.M., Mina, M.: Electromagnetic induction attacks against embedded systems. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 499–510. ASIACCS 2018, Association for Computing Machinery, New York, NY, USA (2018). https://doi.org/10.1145/3196494.3196556
Shin, H., Kim, D., Kwon, Y., Kim, Y.: Illusion and dazzle: adversarial optical channel exploits against lidars for automotive applications. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 445–467. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_22
Shoukry, Y., Martin, P., Tabuada, P., Srivastava, M.: Non-invasive spoofing attacks for anti-lock braking systems. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 55–72. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40349-1_4
Shoukry, Y., Martin, P., Yona, Y., Diggavi, S., Srivastava, M.: PyCRA: physical challenge-response authentication for active sensors under spoofing attacks. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1004–1015. CCS 2015, Association for Computing Machinery, New York, NY, USA (2015). https://doi.org/10.1145/2810103.2813679
Son, Y., et al.: Rocking drones with intentional sound noise on gyroscopic sensors. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 881–896. USENIX Association, Washington, D.C., August 2015
Spilker Jr, J.J., Axelrad, P., Parkinson, B.W., Enge, P.: Global Positioning System: Theory and Applications, vol. I. American Institute of Aeronautics and Astronautics, Reston (1996)
Strohmeier, M., Lenders, V., Martinovic, I.: On the security of the automatic dependent surveillance-broadcast protocol. IEEE Commun. Surv. Tutor. 17(2), 1066–1087 (2015). https://doi.org/10.1109/COMST.2014.2365951
Sugawara, T., Cyr, B., Rampazzi, S., Genkin, D., Fu, K.: Light commands: laser-based audio injection attacks on voice-controllable systems. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 2631–2648. USENIX Association, August 2020
Tippenhauer, N.O., Pöpper, C., Rasmussen, K.B., Capkun, S.: On the requirements for successful GPS spoofing attacks. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 75–86. CCS 2011, Association for Computing Machinery, New York, NY, USA (2011). https://doi.org/10.1145/2046707.2046719
Trippel, T., Weisse, O., Xu, W., Honeyman, P., Fu, K.: WALNUT: waging doubt on the integrity of MEMS accelerometers with acoustic injection attacks. In: 2017 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 3–18 (2017). https://doi.org/10.1109/EuroSP.2017.42
Vaidya, T., Zhang, Y., Sherr, M., Shields, C.: Cocaine noodles: exploiting the gap between human and machine speech recognition. In: 9th USENIX Workshop on Offensive Technologies (WOOT 2015). USENIX Association, Washington, D.C., August 2015
Welch, G., Bishop, G., et al.: An introduction to the Kalman filter (1995)
Wikipedia contributors: Automatic dependent Surveillance-Broadcast – Wikipedia, the free encyclopedia
Wikipedia contributors: Inertial measurement unit–Wikipedia, the free encyclopedia
Wikipedia contributors: Sensor – Wikipedia, the free encyclopedia
Xu, W., Yan, C., Jia, W., Ji, X., Liu, J.: Analyzing and enhancing the security of ultrasonic sensors for autonomous vehicles. IEEE Internet Things J. 5(6), 5015–5029 (2018). https://doi.org/10.1109/JIOT.2018.2867917
Yan, C., Xu, W., Liu, J.: Can you trust autonomous vehicles: contactless attacks against sensors of self-driving vehicle. In: DEF CON 24 (2016)
Yan, C., Zhang, G., Ji, X., Zhang, T., Zhang, T., Xu, W.: The feasibility of injecting inaudible voice commands to voice assistants. IEEE Trans. Dependable Secure Comput. 18(3), 1108–1124 (2019). https://doi.org/10.1109/TDSC.2019.2906165
Zhang, G., Yan, C., Ji, X., Zhang, T., Zhang, T., Xu, W.: DolphinAttack: inaudible voice commands. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 103–117. CCS 2017, Association for Computing Machinery, New York, NY, USA (2017). https://doi.org/10.1145/3133956.3134052
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 Springer Nature Switzerland AG
About this paper
Cite this paper
Choi, J., Jang, Y. (2023). A Survey on Sensor False Data Injection Attacks and Countermeasures in Cyber-Physical and Embedded Systems. In: You, I., Youn, TY. (eds) Information Security Applications. WISA 2022. Lecture Notes in Computer Science, vol 13720. Springer, Cham. https://doi.org/10.1007/978-3-031-25659-2_14
Download citation
DOI: https://doi.org/10.1007/978-3-031-25659-2_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-25658-5
Online ISBN: 978-3-031-25659-2
eBook Packages: Computer ScienceComputer Science (R0)