How to protect home devices against data interception?
As part of the POB CyberDS research grant, experts from the Faculty of Electronics and Information Technology of PW focused on devising methods to prevent attacks on the Internet of Things infrastructure aimed at data interception or shutting down network nodes by exhausting their power sources.
The mass introduction of additional communication nodes to the global computer network, e.g. microwave ovens, vacuum cleaners, or cars, poses new threats to the safety of their users. Hacker attacks may affect devices that are powered by autonomous sources (e.g. sensor networks equipped with batteries), among others. Such an attack aims to turn off the device by consuming its battery (the so-called sleep deprivation) through continuously sending data to it. Another form of attack is the interception of transmitted information.
“The transmitted data may facilitate, for example, user profiling by obtaining information about the homeowner’s habits and the hours when he/she is away from the place of residence,” explains Professor Piotr Bilski. “Knowing that someone is constantly online, you can try to violate their privacy or steal their sensitive data using a smartphone. For this reason, new security measures need to be worked out,” he says.
To achieve that goal, new cryptographic security measures should be introduced, among other things. In the case of the devices involved in the project carried out by PW scientists, these should be safeguards that both consume little energy and are sufficiently effective.
“As part of the project, Bartosz Kościug, MSc, a doctoral student whose supervisor I am, worked on a protocol of low throughput over long distances using chaotic networks,” says Professor Bilski. “The authentication technique of communication nodes he suggested allows us to be sure that the nodes "talk" to the right partners, instead of, for instance, an intruder impersonating a legitimate node,” he explains.
The protocol was tested on selected microcontrollers, i.e. computers housed in one integrated circuit, with low computing power and consuming a minimum amount of energy. The test results turned out to be very promising. It turned out that it is possible to propose innovative communication protocols that ensure secure authentication and data transmission in systems with a limited amount of available energy.
Despite the completion of the POB CyberDS research grant, Bartosz Kościug, MSc, continues to work on his proposed solution, and the results of his research will be used to complete his doctoral thesis.
The project “Information security analysis in the Internet of Things” was financed under the research grant of the “Excellence Initiative – Research University” programme, which is implemented at the Warsaw University of Technology.
Research team: Professor Piotr Bilski; Robert Łukaszewski, PhD; Piotr Bobiński, PhD; Bartosz Kościug, MSc.