A team of researchers at Indian Institute of Technology, Kharagpur has come up with a solution that prevents hacking into devices supporting Internet of Things, addressing a big concern even as manufacturers roll out a host of products with internet connectivity.
Internet of Things (IoT) refers to inter-networking of physical devices and appliances, vehicles and even buildings embedded with electronics, software, sensors, etc. to enable these objects to collect and exchange data.
While such devices make life easier by allowing one to control them through voice or smartphone, experts point out that security is a big concern.
For instance, a Wi-Fi camera that connects with other devices such as a computer or mobile phone can easily fall prey to hacking, said Debdeep Mukhopadhyay to an English daily, computer science professor at IIT Kharagpur.
Researchers at the institute used routine sniffers (programme/device that monitors data traveling over a network) to attack a video the Wi-Fi camera was streaming and transferring to a PC, by first spoofing the IP of the camera and then injecting its own videos. “The PC starts recording a wrong streaming file, which can be utilised by the attacker in several ways,” Mukhopadhyay said.
“Our solution binds a unique PUF (physically unclonable functions)-based identity to the Wi-Fi camera,” he said. “As the attacker does not have any knowledge of the PUF solution(which cannot be cloned), it cannot communicate with the receiver PC.
Mukhopadhyay and his fellow researchers Rajat Subhra Chakraborty, Durga Prasad Sahoo, Urbi Chatterjee, Rajat Sadhukhan, Vidya Govindan, Sikhar Patranabis, and Harishma Boyapally have spent the last five years to design these components.
The PUFs provide a unique identity which is verified using the principles of Identity-based encryption (IBE). This solution can be used in video surveillance, smart grids, smart homes, tactical networks, medical IoT, and industrial IoT applications.
By Baishakhi Dutta