Signal Emulation Attack and Defense for Smart Home IoT

Internet of Things (IoT) is transforming every corner of our daily life and plays important roles in the smart home. Depending on different requirements on wireless transmission, dedicated wireless protocols have been adopted on various types of IoT devices. Recent advances in Cross-Technology Communication (CTC) enable direct communication across those wireless protocols, which will greatly improve the spectrum utilization efficiency. However, it incurs serious security concerns on heterogeneous IoT devices. In this paper, we identify a new physical-layer attack, cross-technology signal emulation attack, where a WiFi device eavesdrops a ZigBee packet on the fly, and further manipulates the ZigBee device by emulating a ZigBee signal. To defend against this attack, we propose two defense strategies with the help of an anchor. Particularly, the passive defense strategy focuses on misleading the ZigBee signal eavesdropping, while the proactive approach develops a real-time detection mechanism on distinguishing between a common ZigBee signal and an emulated signal. We implement the complete attacking process and defense strategies with TI CC26x2R LaunchPad, USRP-N210 platform, and smart LED light bulbs, as well as a self-designed prototype, where a general light bulb can be turned on/off by a Nexus 5 smartphone directly. Extensive experiments have demonstrated the existence of the attack, and the feasibility, effectiveness, and accuracy of the proposed defense strategies.