Attacking and Improving Received Signal Strength Ratio for Secure Localization and Proximity-based Authentication
- Author(s): Marxen, Joshua Todd
- Advisor(s): Orailoglu, Alex
- et al.
The cheap versatility of modern embedded systems is being harnessed to attack sprawling tasks with teams of cooperating machines - infrastructure monitoring, automated patient health monitoring, and the management of cyber-physical systems are some prime examples. Parallel advances in networking technology, particularly MIMO signal processing capabilities,
facilitate wireless tracking and localization for coordination of physical activities among independent nodes. As these technologies enter wider markets, they inevitably become targets of malicious adversaries, and the ability to detect and mitigate attacks becomes necessary. In many applications, the ability to securely determine the location or proximity of one entity relative to another is important for maintaining system security. This work concentrates on a specific and relatively new RF-based localization scheme called Received Signal Strength Ratio (RSSR). Derived from a more primitive signal-strength-based localization technique, RSSR takes the ratio of signal strength measurements at 2 (or more) receivers to determine the distance of a transmitter from the device. This construct has attracted interest for its potential utility in securing ad-hoc networks and body-area networks. However, researchers proposing RSSR as the backbone of proximity-based authentication systems have not thoroughly considered certain realistic attacker capabilities. In this work, we present a threat model that characterizes the security of an RSSR-based proximity authentication system in more detail than previous research; describe a generic attack on the security of such systems; and discuss a set of mitigation strategies that ultimately restore the effectiveness of RSSR as a secure distance and proximity verification scheme.