Sensor Defense In-Software (SDI): Practical software based detection of spoofing attacks on position sensors
Introduction
Many electronic devices, such as smartphones and sensor nodes, are equipped with position sensors. These sensors are capable of measuring the position, orientation and motion of the device in three-dimensional space. We rely on these sensors for increasingly sensitive tasks including authentication (Conti et al., 2011, Lee and Lee, 2016), navigation (Li et al., 2012), and health monitoring (Ellis et al., 2015). This paper focuses on two widely used sensors: the gyroscope, which measures a device’s angular momentum, or rate of rotation, and the magnetometer, which measures a device’s orientation with respect to the magnetic field of the Earth.
Several recent works have shown how the readings of these sensors can be spoofed by applying an external acoustic stimulus to the device or its surroundings (Trippel et al., 2017, Tu et al., 2018). The spoofed output of a sensor does not reflect the device’s actual rotation or orientation; instead, the output is overwritten by artificial values which are either randomly corrupted or completely controlled by the attacker. Sensor spoofing attacks on smartphones are already being used for malicious purposes. For example, the online publication Sixth Tone reported on June 2018 that Chinese university students, who are required to reach at least 10,000 steps per day as part of their fitness requirement, use a variety of devices called “WeRun Boosters” to spoof the motion sensors on their smartphones, generating 6000 to 7000 steps on a smartphone per hour (Yujie, 2018). The risks associated with sensor spoofing will only grow as the amount of sensitive applications relying on these sensors increases. For example, Wang et al. (2016) and Reinertsen et al. (2017) proposed to use sensor measurements to assess the severity of illness of patients with schizophrenia. Sensor spoofing attacks, when applied to this scenario, may erroneously cause a person to be hospitalized in a psychiatric ward.
While several papers have discussed sensor spoofing, few of them have discussed the prevention of these attacks, a gap we wish to address in this work. One of the main limitations of many defenses against sensor spoofing is that they either require changes to the sensor hardware or to the low-level firmware used to interface it to the phone’s CPU. Since position sensors are typically highly integrated low cost devices with a relatively long development cycles, such modifications are difficult to apply to hardware already deployed in the field, and are hard to justify from a system integration standpoint. While software-based anomaly detection mechanisms have been proposed for other types of sensor systems, such as wireless sensor networks (de Lima Pinto et al., 2018), they typically did not consider a malicious adversary but only a random fault model.
Our Contribution:In this paper we propose two software-based defense methods against acoustic and magnetic attacks on a device’s gyroscope and magnetometer. Our first defense method, SDI-1, uses machine learning to detect anomalies in the output of a single sensor. This defense method can detect sensor corruption attacks, but cannot detect cases where a more powerful adversary can force the sensor to output a spoofed but valid reading. Our second defense method, SDI-2, applies sensor fusion to compare the readings of multiple sensors measuring a similar type of motion. This method can potentially protect against a more powerful sensor spoofing adversary, as long as this adversary cannot control the entire set of sensors available on the device. Specifically, in this paper we present single-sensor defenses for acoustic attacks on the gyroscope and for magnetic attacks on the magnetometer. We also present a sensor fusion based defense combining the gyroscope and the magnetometer, as shown in Fig. 1. We describe the physical and mathematical relationship between expected sensor readings, and show how the defender can measure deviations between the two sensors to detect an attack. We implemented our defenses on multiple smartphones from different vendors, as well as on a resource-constrained IoT node, in each case measuring the accuracy, detection time and power usage of our defenses. The main advantage of these defenses are that they are purely software based, and can therefore be deployed on many types of devices without any hardware modification.
Document Structure: We begin by describing the spoofing attacks on the MEMS gyroscope and magnetometer. In Section 2 we describe SDI-1, a machine learning-based single sensor defense, and SDI-2, a sensor fusion-based single sensor defense, and show how they can protect against acoustic and magnetic attacks on the gyroscope and on the magnetometer respectively. In Section 3 we perform a practical evaluation of our defense methods. Finally, in Section 4 we discuss defenses for another type of sensor, the accelerometer, and conclude by discussing further applications of sensor fusion and its improvements.
A smartphone’s various position sensors are used to measure the phone’s position and motion in space along the six axes of motion (or six degrees of freedom). The measurements of the device’s sensors are generally provided in the device’s frame of reference: a Cartesian coordinate system with coordinates attached to the device. This coordinate system is rotated with respect to the world’s frame of reference, which is a standard static coordinate system. Of the six degrees of freedom, three coordinates (X, Y, and Z) are used to describe the phone’s position and linear motion in space, while the three other coordinates (, and , or pitch, roll and yaw) are used to describe the phone’s Cartesian axes orientation with respect to the world’s frame of reference and its rotational motion.
The gyroscope is a MEMS-based sensor which measures the device’s angular velocity in units of radian per second. As described in Son et al. (2015), microelectromechanical systems (MEMS) gyroscopes typically contain a small mass moving back and forth at a constant frequency. As the phone is rotated, the Coriolis effect acts on this moving mass and causes it to vibrate with an amplitude that is directly related to the angular rotation rate. The modulated vibration amplitude is then converted to voltage, typically by a capacitive or piezo-electric sensor.
The magnetometer, or compass, measures the direction and magnitude of the ambient magnetic field around the device, in units of microtesla. As described in Jiang et al. (2014), virtually all smartphones use a Hall effect magnetometer, which works by detecting the voltage differential induced by the Hall effect across a thin metallic surface in response to a magnetic field perpendicular to the surface. The magnetic field measured by the phone field is typically a combination of the Earth’s magnetic field, which points more or less to the north, and additional magnetic sources in the vicinity of the phone, such as iron beams, electric motors or induction coils. As long as the phone stays in the same place and the additional magnetic sources stay constant over time, the magnetometer’s reading will point to the same direction in the world’s reference frame, even when the phone is rotated. Other common position sensors include the accelerometer, which measures the linear acceleration of the device, and the GPS sensor, which measures the location of the device on Earth.
As mentioned in the previous section, MEMS gyroscopes contain a small moving mass. As shown in Tu et al. (2018) and Son et al. (2015), they are vulnerable to acoustic attacks, in which the sensor is subjected to external vibrations with the sensor’s mechanical resonant frequency. When the moving mass inside the sensor is stimulated by this acoustic signal, it begins vibrating with a high amplitude. This prevents the sensor from interacting with the environment, allowing its reading to be controlled by the attacker. In other words, a high-frequency audio signal at a specific frequency can bring these sensors into a state of resonance, corrupting their outputs. The source of the disruptive signal can be an external device situated next to the phone, or even the phone’s own speaker (Block et al., 2017).
Acoustic attacks on MEMS-based gyroscopes and accelerometers were first presented by Son et al. (2015) in the context of drones, and later shown by Trippel et al., 2017, Farshteindiker et al., 2016 to be applicable to smartphone sensors as well. Tu et al. (2018) performed a comprehensive evaluation of out-of-band signal injection methods to deliver adversarial control of embedded MEMS inertial sensors on a wide variety of devices including self balancing scooters, stabilizers, smartphones, VR headsets and other similar devices. Similarly, an adversary equipped with a magnetic coil is able to spoof the outputs of the magnetometer, an effect put to productive use in Jiang et al. (2014). Recognizing the increasing risk caused by current and emerging sensor spoofing attacks, the Industrial Control Systems Cyber Emergency Response Team of the U.S. Department of Homeland Security (ICS-CERT) stated recently that it considers position sensor attacks as a “threat to critical infrastructure” (U. CERT, 2017).
Generally speaking, there are two types of spoofing attacks: corruption attacks, which we refer to as sensor rocking attacks (following the nomenclature of Son et al. (2015)) and rewriting attacks, which we refer to as sensor rolling attacks (for reasons of symmetry). Sensor rocking attacks replace the sensor readings with arbitrary corrupted values which are unrelated to the external environment. For example, the attacker can replace the sensor signal with a high frequency sine wave or random noise. While the attacker cannot control the shape of this corrupted signal, the attacker can turn the disruptive signal on and off at will. In fact, Farshteindiker et al. (2016) and Jiang et al. (2014) used this ability as a data transmission mechanism. Sensor rolling attacks are a stronger class of attack, in which the attacker completely replaces the sensor readings with values of their choosing. Since the attacker can create any sensor readings including replaying previous readings, defense methods that detect anomalies will not be effective against rolling attacks.
In this work, we replicate two types of acoustic attacks on the gyroscope, as shown in Farshteindiker et al. (2016) and Tu et al. (2018), to collect data and test our defense methods. While Farshteindiker et al. (2016) used a piezoelectric speaker kept in close proximity to the phone, Tu et al. (2018) used regular speakers connected to an amplifier to attack the gyroscope from a distance. Both attacks work by using the sensor’s mechanical resonant frequency. To spoof the magnetometer, we used a solenoid connected to a waveform generator as magnetic field source, similar to the methods of Shoukry et al. (2013). The high sensitivity of the magnetometer makes it extremely vulnerable to the presence of any external magnetic field, sometimes even to the magnet in the phone’s own speaker (W3C, 2018).
Section snippets
Defense methods
In this work we implement and evaluate two purely software-based approaches for sensor spoofing detection. The first approach, SDI-1, uses machine learning techniques applied to sensor output to detect anomalies. The second approach, SDI-2, is a novel fusion-based detector which works by examining multiple sensor outputs. Since these defenses apply signal processing and machine learning, it is important to examine the resource consumption of the defense methods, both in terms of processing time
Evaluation
We evaluated the defenses for the gyroscope by first reproducing the two acoustic attacks on the gyroscope as mentioned in Farshteindiker et al. (2016) and Tu et al. (2018). To reproduce the attack of Farshteindiker et al. (2016), we used a PUI Audio APS2509S-T-R piezoelectric transducer connected to a Picoscope 2206BMSO supported by Picoscope software v6.13.7.707 used as a waveform generator. To reproduce the attack in Tu et al. (2018), we used a 4 × 2 dual channel PUI Audio AS06608PS-2-R
Discussion
We presented two effective software-only methods for detecting acoustic and magnetic attacks on the gyroscope and the magnetometer. We developed and implemented our defenses, and performed detailed analysis on various devices under various circumstances. One of the major advantages of our defense methods is that they can be used for all kinds of devices. Although the machine learning models require data collection and training, this can be done externally, irrespective of the device, and only
CRediT authorship contribution statement
Kevin Sam Tharayil: Investigation, Formal analysis, Software, Data curation, Writing - original draft. Benyamin Farshteindiker: Conceptualization. Shaked Eyal: Software, Validation. Nir Hasidim: Methodology. Roy Hershkovitz: Software, Validation, Data Curation. Shani Houri: Software, Validation. Ilia Yoffe: Methodology, Writing - original draft. Michal Oren: Methodology, Writing - original draft. Yossi Oren: Supervision, Resources, Project administration, Funding acquisition, Writing - review &
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
References (39)
- et al.
Activity recognition based on micro-doppler signature with in-home wi-fi
- et al.
Anomaly detection in streaming environmental sensor data: A data-driven modeling approach
Environ. Model. Softw.
(2010) - et al.
An autonomic and permissionless android covert channel
- et al.
Touchlogger: inferring keystrokes on touch screen from smartphone motion
- et al.
Masking failures of multidimensional sensors
- et al.
Mind how you answer me!: transparently authenticating the user of a smartphone when answering or placing a call
- et al.
Tracking mobile web users through motion sensors: Attacks and defenses
- et al.
Smartphone fingerprinting via motion sensors: Analyzing feasiblity at large-scale and studing real usage patterns
(2016) - et al.
Accelerometer and magnetometer based gyroscope emulation on smart sensor for a virtual reality application
Sensors Transducers
(2012) - et al.
A validated smartphone-based assessment of gait and gait variability in parkinson’s disease
PLoS One
(2015)
How magnetic disturbance influences the attitude and heading in magnetic and inertial sensor-based orientation estimation
Sensors
Classical Mechanics
A review of machine learning solutions to denial-of-services attacks in wireless sensor networks
Attack-resilient sensor fusion for safety-critical cyber-physical systems
ACM Trans. Embedded Comput. Syst.
Pulse: low bitrate wireless magnetic communication for smartphones
Overcoming the myopia of inductive learning algorithms with RELIEFF
Appl. Intell.
Ghost talk: Mitigating EMI signal injection attacks against analog sensors
Implicit sensor-based authentication of smartphone users with smartwatch
Cited by (12)
Secure distributed estimation under Byzantine attack and manipulation attack
2022, Engineering Applications of Artificial IntelligenceLearning-based airborne sensor task assignment in unknown dynamic environments
2022, Engineering Applications of Artificial IntelligenceCitation Excerpt :Sensor management has been widely used in many fields, such as target tracking (Hoang and Vo, 2014; Katsilieris et al., 2015), strategic location defense (Anderson and Hong, 2008; Tharayil et al., 2020), wireless sensor network (Higher, 2004; Chu et al., 2015; Shen et al., 2019; Leong et al., 2020) etc.
ADC-Bank: Detecting Acoustic Out-of-Band Signal Injection on Inertial Sensors
2024, Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICSTTowards Adversarial Process Control on Inertial Sensor Systems with Physical Feedback Side Channels
2023, CPSIoTSec 2023 - Proceedings of the 5th Workshop on CPS and IoT Security and PrivacyPractical Software Defense for GPS Spoofing on a Hobby UAV
2023, Sensors S and P 2023 - Proceedings of the 1st International Workshop on Security and Privacy of Sensing Systems, Part of: SenSys 2023