Technology

To Detect Hardware Tampering using Radio Waves

To Detect Hardware Tampering using Radio Waves

Radio waves can be used to detect hardware tampering by exploiting the change in electromagnetic properties of the device. This can be achieved by embedding sensors or antennas into the device that are capable of detecting alterations to the electromagnetic environment, such as changes in the frequency or intensity of the radio waves. This information can then be used to detect and alert of any unauthorized access or tampering attempts. It’s important to note that radio wave detection is just one of the many methods used for hardware tampering detection and the effectiveness of the method depends on the specifics of the implementation and the environment in which it is used.

Up until now, safeguarding hardware against manipulation has been a difficult process that has been costly and limited in scope. However, two straightforward antennas might be sufficient.

In terms of data security, tampering with hardware that can be used to read out information, such as credit card data from a card reader, presents an even greater risk than remote cyberattacks. A fresh technique to identify such manipulations has been created by researchers in Bochum. With radio waves that respond to even the smallest changes in the environment, they keep an eye on the systems. They can thus protect entire systems, not just individual components, in contrast to conventional methods, and they can do so for less money. The RUB’s science magazine Rubin features a report by the team from Ruhr-Universität Bochum (RUB), the Max Planck Institute for Security and Privacy and the IT company PHYSEC.

Paul Staat and Johannes Tobisch presented their findings at the IEEE Symposium on Security and Privacy, which took place in the USA from 23 to 25 May 2022. Both researchers are doing their PhDs at RUB and conducting research at the Max Planck Institute for Security and Privacy in Bochum in Professor Christof Paar’s team. For their research, they are cooperating with Dr. Christian Zenger from the RUB spin-off company PHYSEC.

In terms of data security, tampering with hardware that can be used to read out information, such as credit card data from a card reader, presents an even greater risk than remote cyberattacks. A fresh technique to identify such manipulations has been created by researchers in Bochum.

Protection through radio waves

Data is ultimately nothing more than electrical currents that move along conductive paths between various computer components. It only takes a tiny metallic object strategically placed on the hardware to allow access to the data streams. Only specific system parts, like a processor or important memory component, can currently be shielded from such manipulations. Paul Staat explains that this is typically accomplished by wrapping the hardware component in a type of foil with thin wires. “An alarm is triggered if the foil is damaged.”

But the Bochum radio wave technology allows for system-wide monitoring. The system has a transmitter and a receiver that the researchers install as two antennas to achieve this. The transmitter emits a unique radio signal that travels throughout the entire system and is reflected off of the walls and electronic components. A signal that is as unique to the system as a fingerprint is transmitted to the receiver as a result of all these reflections.

Radio waves for the detection of hardware tampering
Radio waves for the detection of hardware tampering

Technology reacts to the slightest changes

The team showed in experiments that small modifications to the system are sufficient to produce a discernible change in the fingerprint. An ordinary computer was given radio antennas by IT professionals, who also drilled holes periodically into the housing of the computer. The researchers poked a thin metal needle through these holes to see if they could detect any changes in the radio signal as they traveled through the system. They varied the depth of penetration, position, and needle thickness throughout the process.

They successfully used their system to detect the penetration of a needle that was 0.3 millimeters thick from a penetration depth of one centimeter while the computer was running. Even though the needle was only 0.1 millimeters thick, or about as thick as a hair, the system was still able to detect it in some locations. Staat explains that it is easier to detect a needle the closer it is to the receiving antenna. Tobisch continues, “Therefore, it makes sense to think carefully about where you place the antennas in practical applications. They ought to be situated as near as possible to the parts that need a high level of protection.

In essence, the technology is appropriate for both high-security applications and common issues. It is already used by the IT firm PHYSEC to stop unauthorized manipulation of crucial infrastructure parts.