TY - GEN
T1 - Your home is insecure
T2 - 40th IEEE Conference on Computer Communications, INFOCOM 2021
AU - Li, Tao
AU - Han, Dianqi
AU - Li, Jiawei
AU - Li, Ang
AU - Zhang, Yan
AU - Zhang, Rui
AU - Zhang, Yanchao
N1 - Funding Information:
XI. ACKNOWLEDGEMENT This work was supported in part by the US National Science Foundation under grants CNS-1933069, CNS-1824355, CNS-1619251, CNS-1933047, CNS-1718078, and CNS-1651954 (CAREER).
Publisher Copyright:
© 2021 IEEE.
PY - 2021/5/10
Y1 - 2021/5/10
N2 - Wireless home alarm systems are being widely deployed, but their security has not been well studied. Existing attacks on wireless home alarm systems exploit the vulnerabilities of networking protocols while neglecting the problems arising from the physical component of IoT devices. In this paper, we present new event-eliminating and event-spoofing attacks on commercial wireless home alarm systems by interfering with the reed switch in almost all COTS alarm sensors. In both attacks, the external adversary uses his own magnet to control the state of the reed switch in order to either eliminate legitimate alarms or spoof false alarms. We also present a new battery-depletion attack with programmable electromagnets to deplete the alarm sensor's battery quickly and stealthily in hours which is expected to last a few years. The efficacy of our attacks is confirmed by detailed experiments on a representative Ring alarm system.
AB - Wireless home alarm systems are being widely deployed, but their security has not been well studied. Existing attacks on wireless home alarm systems exploit the vulnerabilities of networking protocols while neglecting the problems arising from the physical component of IoT devices. In this paper, we present new event-eliminating and event-spoofing attacks on commercial wireless home alarm systems by interfering with the reed switch in almost all COTS alarm sensors. In both attacks, the external adversary uses his own magnet to control the state of the reed switch in order to either eliminate legitimate alarms or spoof false alarms. We also present a new battery-depletion attack with programmable electromagnets to deplete the alarm sensor's battery quickly and stealthily in hours which is expected to last a few years. The efficacy of our attacks is confirmed by detailed experiments on a representative Ring alarm system.
UR - http://www.scopus.com/inward/record.url?scp=85111925872&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85111925872&partnerID=8YFLogxK
U2 - 10.1109/INFOCOM42981.2021.9488873
DO - 10.1109/INFOCOM42981.2021.9488873
M3 - Conference contribution
AN - SCOPUS:85111925872
T3 - Proceedings - IEEE INFOCOM
BT - INFOCOM 2021 - IEEE Conference on Computer Communications
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 10 May 2021 through 13 May 2021
ER -