skip to main content

Search for: All records

Creators/Authors contains: "Yu, Sihan"

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. null (Ed.)
  2. null (Ed.)
    Widely deployed IoT devices have raised serious concerns for the spectrum shortage and the cost of multi-protocol gateway deployment. Recent emerging Cross-Technology Communication (CTC) technique can alleviate this issue by enabling direct communication among heterogeneous wireless devices, such as WiFi, Bluetooth, and ZigBee on 2.4 GHz. However, this new paradigm also brings security risks, where an attacker can use CTC to launch wireless attacks against IoT devices. Due to limited computational capability and different wireless protocols being used, many IoT devices are unable to use computationally-intensive cryptographic approaches for security enhancement. Therefore, without proper detection methods, IoT devices cannot distinguish signal sources before executing command signals. In this paper, we first demonstrate a new defined physical layer attack in the CTC scenario, named as waveform emulation attack, where a WiFi device can overhear and emulate the ZigBee waveform to attack ZigBee IoT devices. Then, to defend against this new attack, we propose a physical layer defensive mechanism, named as AuthCTC, to verify the legitimacy of CTC signals. Specifically, at the sender side, an authorization code is embedded into the packet preamble by leveraging the dynamically changed cyclic prefix. A WiFi-based detector is used to verify the authorization code at the receiver side. Extensive simulations and experiments using off-the-shelf devices are conducted to demonstrate both the feasibility of the attack and the effectiveness of our defensive mechanism. 
    more » « less
  3. The emerging Cross-Technology Communication (CTC) has enabled the direct communication among different protocols, which will greatly enhance the spectrum efficiency. However, it will also bring security challenges to end IoT devices since the attacks can be from heterogeneous devices. Current deployed security mechanisms cannot be applied among heterogeneous devices. This work proposes a new mechanism to verify the legitimacy of signal source so that only the signals from legal CTC devices can be further processed. We verify the legitimacy of devices by embedding authorization codes into the packets at the sender side and verify them at the receiver side. Theoretical analysis and experiments show that this mechanism can provide effective protection on heterogeneous communication pairs. 
    more » « less