Securing On-Body IoT Devices By Exploiting Creeping Wave Propagation
share
On-body devices are an intrinsic part of the Internet-of-Things (IoT) vision to provide human-centric services. These on-body IoT devices are largely embedded devices that lack a sophisticated user interface to facilitate traditional Pre-Shared Key based security protocols. Motivated by this real-world security vulnerability, this paper proposes SecureTag, a system designed to add defense in depth against active attacks by integrating physical layer (PHY) information with upper-layer protocols. The underpinning of SecureTag is a signal processing technique that extracts the peculiar propagation characteristics of creeping waves to discern on-body devices. Upon overhearing a suspicious transmission, SecureTag initiates a PHY-based challenge-response protocol to mitigate attacks. We implement our system on different commercial off-the-shelf (COTS) wearables and a smartphone. Extensive experiments are conducted in a lab, apartments, malls, and outdoor areas, involving 12 volunteer subjects of different age groups, to demonstrate the robustness of our system. Results show that our system can mitigate 96.13 active attack attempts while triggering false alarms on merely 5.64 legitimate traffic.
READ FULL TEXT