George Mason University researchers are exploring how the monitoring of analog signals could be a low-cost way to assess the cybersecurity safety of devices connected to the internet, commonly referred to as the internet of things (IoT).
Even when they’re off, our devices are giving off heat, have fluctuating power consumption and are radiating electromagnetic waves.
The Center for Assurance Research and Engineering (CARE) in George Mason’s Volgenau School of Engineering will research and develop a technology to decipher changes in analog signals to reveal whether IoT devices have been compromised by cyber attackers, thanks to $1.5 million award from the Defense Advanced Research Projects Agency (DARPA).
The research team includes J.P. Auffret, director of the Research Partnerships and Grants Initiative in the School of Business, and Angelos Stavrou, CARE director.
“At a time when everything from power plants to wearable fitness bands is being connected to the internet, we need to develop cybersecurity products to keep society safe,” said Auffret. “The idea of using traditional analog signals as a cybersecurity alert system shows great promise as a reliable, low-cost innovation.”
As part of the research project, Auffret and Stavrou are partnering with Vienna, Va.-based PFP Cybersecurity to create the Leveraging the Analog Domain for Security Program, funded by DARPA.
The goal of the program is to establish monitors that can detect unusual behavior in power consumption, electromagnetic fields, thermal variations, acoustic emanations and other physical parameters. Mapping changes on devices, such as whether unauthorized code is executing or whether configuration settings have been modified, could lead to the identification of attacker behavior.
DARPA is looking for protection technologies for embedded and IoT devices. Rather than relying on traditional on-device or on-network monitoring, the program calls for decoupling security from IoT devices so that, if the device itself is compromised, the protection mechanism is not impacted. This also allows the use of other resources that are unconstrained by the design considerations of the protected device.
PFP Cybersecurity has already developed technology to detect tiny anomalies in power patterns to catch attacks. The system compares output from processors to a baseline established when the device is performing appropriately. An alarm is triggered when differences appear that might represent malicious activity. The long-range goal is to bring the cost of the PFP monitoring technology down to pennies per device.
“CARE has a history of forming highly productive, strategic research partnerships with industry, and we’re looking forward to working with PFP to generate new cybersecurity products of great societal consequence,” said Stavrou.