When the Hardware Traps Criminals

Technology Reacts to the Slightest Changes
Tiny changes to the system are enough to have a noticeable effect on the fingerprint, as a demonstration by the two researchers shows: they have built their radio technology into an old computer housing. The measured radio signal is rendered visible on a laptop as a curve that shows the strength of the signal at different frequencies in real time. Then, Staat and Tobisch unscrew one of the screws on the outside of the housing a little. The frequency curve reacts with a noticeable deflection that wasn’t there before.

For their research, Johannes Tobisch and Paul Staat take a more systematic approach. Their test object is a conventional computer with holes drilled in its casing at regular intervals. Through these holes, the researchers can let a fine metal needle penetrate the inside of the system and check whether they notice the change in the radio signal. In the process, they vary the thickness of the needle, the position and the depth of penetration. To ensure that the experiment takes place under controlled and reproducible conditions, the researchers have specifically purchased a high-precision robot that inserts the needle into the housing with micrometer precision.

Measurements While the Computer’s Running
“A unique aspect of our approach is that we are carrying out the experiment while the computer is running,” points out Tobisch. This causes all kinds of interference. “The fans are like little hoovers and the processor is like a heater,” illustrates Staat. These fluctuations in the ambient conditions affect the radio signal. The researchers have to measure such disturbances and factor them out in order to determine whether fluctuations in the signal are legitimate or the result of manipulation.

The IT experts from Bochum can reliably detect the penetration of a needle 0.3 millimeters thick with their system from a penetration depth of one centimeter. The system still detects a needle that is only 0.1 millimeters thick – about as thick as a hair – but not in all positions. “The closer the needle is to the receiving antenna, the easier it is to detect,” explains Staat. The thinner and further away the needle, the more likely it is to go undetected. The same applies to the penetration depth: the deeper the needle is in the system, the easier it is to detect. “Therefore, in practical applications, it makes sense to think carefully about where you place the antennas,” as Tobisch sums up the findings. “They should be as close as possible to the components that require special protection.”

Johannes Tobisch and Paul Staat let their experiment run for ten days, thus showing that the measuring system remains stable over a prolonged period. Later, they even extended the measurement period to a whole month. In addition to expensive high-precision measuring technology for recording the fingerprint, they also compared the radio signal with simple technology that sells for a handful of euros. They found that this technology did the job, too, albeit with a slightly lower hit rate. “It’s always a compromise between cost and accuracy,” says Paul Staat.

Depending on the intended use, the impact of ambient conditions would also have to be taken into account. After all, if the temperature or humidity in the room changes, these changes can also affect the radio fingerprint. “We hope to tackle such problems in the future with the help of machine learning,” anticipates Johannes Tobisch. The idea is that artificial intelligence could autonomously learn which changes in the radio signal are due to non-critical changes in the surroundings and which are due to manipulation.

Broad Application Possible
“Fundamentally, there’s nothing standing in the way of a broad application of this technology. It is suitable for both high-security applications and everyday problems,” stresses Christian Zenger, founder and CEO of PHYSEC. The IT company already uses the technology to prevent unauthorized manipulation of critical infrastructure components. “There are plenty of other technical systems that need to be protected not only from remote cyberattacks but also from hardware manipulation,” he adds. “Examples include control units in cars, electricity meters, medical devices, satellites and service robots.”