The researchers introduced a technique that can be used to detect even the smallest intrusions into a complete hardware system. To do this, they read a radio signal that has a special signature reflected on the computer components. If the hardware changes by a fraction of a millimeter, scientists can read it in a radio signal.
Most sensitive information, such as credit card information or classified documents, is stored digitally today. To prevent them from falling into the wrong hands, the system that processes them must be protected from attacks. On the one hand, they can occur as a result of remote cyber attacks, and on the other hand, the hardware can be manipulated on site. A small metal object that is placed in the right place in the hardware is usually enough to read data streams from a printed circuit board.
So far, only individual system components, such as a particularly important memory element or processor, can be protected against such manipulations. “This usually happens with a kind of thin-wire film in which the hardware component is wrapped,” explains Paul State of Ruhr University in Bochum. “If the foil is damaged, the system will trigger an alarm.”
Each system has a fingerprint
Together with his colleague Johannes Tobisch, Staat has now introduced a technology that can monitor not only individual components, but entire systems at low cost. The researchers equipped them with two radio antennas: a transmitter and a receiver. The transmitter sends a special radio signal to the surroundings, which spreads throughout the system and bounces off walls and computer components. Through all these reflections, the receiver receives a signal that is as characteristic of the system as the fingerprint – and if the hardware is tampered with, the fingerprint changes.
To check the accuracy of their system, the research team equipped a conventional computer with radio antennas. Then they inserted metal needles through small holes in the cover and looked at how it manifested in the system’s fingerprint. They changed the thickness of the needle, the position and the depth of penetration.
Visible at 0.1 millimeter
Result: With the computer running, the researchers were still able to reliably detect a 0.3 millimeter thick needle from a penetration depth of one centimeter. Even with a 0.1 millimeter thick needle – roughly like a hair – the system still strikes, but not in all positions. “The closer the needle is to the receiving antenna, the easier it is to detect it,” explains Staat. “In practice, it makes sense to think carefully about where to place the antennas,” says Tobisch. “They should be as close as possible to the parts that deserve special protection.”
Another challenge, according to scientists, is to take into account failures that are caused by the ongoing operation of the computer. “Fans are like small vacuum cleaners and the processor is like a heater,” explains Staat. Because environmental conditions, such as humidity and temperature, also affect the system’s fingerprint, researchers must measure and include them. This is the only way to verify whether the signal change is legitimate or whether it was caused by hardware manipulation.
Also available at a low price
Researchers see that their technology is used both in highly secure systems and in everyday objects such as car control units, electricity meters or medical devices. In addition to high-precision and expensive measuring instruments, they also tested those that are only available for a few euros. According to the researchers, the intervention rate was lower, but the system still worked. “It’s always a compromise between price and accuracy,” says Staat.
In the next step, scientists want to be able to more reliably understand the effect of environmental conditions on the radio signal. They want to rely primarily on machine learning. (IEEE Symposium on Security and Privacy, 2022; doi: 10.1109 / SP46214.2022.00067)
Source: Ruhr University Bochum