Hardware is the technical term for the tangible components of an electronic device, including a computer monitor, scanner, keyboard, or mouse. Hardware can be subjected to attacks that are a severe risk to data security and allows the attacker to gain information – such as credit card details, passwords, or records – from the system.
German researchers from Ruhr-Universität Bochum, the Max Planck Institute, and the IT security company PHYSEC have rallied together to find an effective way to protect against this electronic invasion, recently sharing their findings at the IEEE Symposium on Security and Privacy. Using radio waves, the team developed a system that reacts to minuscule changes in the ambient conditions around the hardware.
What makes this idea innovative is its ability to protect the entire system, rather than single components like previous attempts. “Typically, this is done with a type of foil with thin wires in which the hardware component is wrapped,” explains Paul Staat, co-leader of the study. “If the foil is damaged, an alarm is triggered.” This foil system, however, has various weak spots.
The team’s novel radio wave system uses two antennas – a transmitter and a receiver. The transmitter releases radio signals which are reflected off the walls and components of the computer. If the receiver senses that these reflections differ from an intact and unaltered system, it alerts the user.
To test how sensitive their system really is, the group punctured holes in the equipment using very fine needles. They discovered that the radio wave detector could reliably identify the penetration of a needle 0.3 millimeters thick with their system from a penetration depth of one centimeter. Depending on its position, the radio waves even detected a needle with a thickness of 0.1 millimeters thick, which is impressively the width of a strand of hair!
The monitoring system sometimes misses these tiny protruding objects that are close to the transmission antenna. “Therefore, in practical applications, it makes sense to think carefully about where you place the antennas,” adds Johannes Tobisch, the other co-author of the study. “They should be as close as possible to the components that require a high degree of protection.”
This important system could be used to protect cyber data in numerous settings: from high-security banking to everyday computers. PHYSEC has already installed this technology to prevent unauthorized manipulation of critical infrastructure in their computer systems.
Source study: IEEE Symposium on Security and Privacy – Anti-Tamper Radio: System-Level Tamper Detection for Computing Systems