Securing IoT Devices by Exploiting Backscatter Propagation Signatures

The low-power radio technologies open up many opportunities to facilitate Internet-of-Things (IoT) into our daily life, while their minimalist design also makes IoT devices vulnerable to many active attacks. Recent advances use an antenna array to extract fine-grained physical-layer signatures to identify the attackers, which adds burdens in terms of energy and hardware cost to IoT devices. In this paper, we present ShieldScatter, a lightweight system that attaches low-cost tags to single-antenna devices to shield the system from active attacks. The key insight of ShieldScatter is to intentionally create multi-path propagation signatures with the careful deployment of tags. These signatures can be used to construct a sensitive profile to identify the location of the signals' arrival, and thus detect the threat. In addition, we also design a tag-random scheme and a multiple receivers combination approach to detect a powerful attacker who has the strong priori knowledge of the legitimate user. We prototype ShieldScatter with USRPs and tags to evaluate our system in various environments. The results show that even when the powerful attacker is close to the legitimate device, ShieldScatter can mitigate 95 percent of attack attempts while triggering false alarms on just 7 percent of legitimate traffic.