SoK: Taxonomy and Challenges of Out-of-Band Signal Injection Attacks and Defenses
Research on how hardware imperfections impact security has primarily focused on side-channel leakage mechanisms produced by power consumption, electromagnetic emanations, acoustic vibrations, and optical emissions. However, with the proliferation of sensors in security-critical devices, the impact of attacks on sensor-to-microcontroller and microcontroller-to-actuator interfaces using the same channels is starting to become more than an academic curiosity. These out-of-band signal injection attacks target connections which transform physical quantities to analog properties and fundamentally cannot be authenticated, posing previously unexplored security risks. This paper contains the first survey of such out-of-band signal injection attacks, with a focus on unifying their terminology, and identifying commonalities in their causes and effects. The taxonomy presented contains a chronological, evolutionary, and thematic view of out-of-band signal injection attacks which highlights the cross-influences that exist and underscores the need for a common language irrespective of the method of injection. By placing attack and defense mechanisms in the wider context of their dual counterparts of side-channel leakage and electromagnetic interference, our paper identifies common threads and gaps that can help guide and inform future research. Overall, the ever-increasing reliance on sensors embedded in everyday commodity devices necessitates that a stronger focus be placed on improving the security of such systems against out-of-band signal injection attacks.
READ FULL TEXT