
Thwarting attacks on the Internet of Things
Professor Catherine Gebotys and her research group are working on improving security for the Internet of Things
Professor Catherine Gebotys and her research group are working on improving security for the Internet of Things
By Julie Stauffer Faculty of EngineeringIn one corner of听听lab, a laser beam is strategically aimed to disrupt circuit board operations. Nearby, electromagnetic pulses bombard an uncapped chip while a couple of graduate students track the results on an oscilloscope screen.
By probing for vulnerabilities that hackers could exploit, her team at the University of 蓝莓视频鈥檚 Faculty of Engineering is making the Internet of Things more secure.
They鈥檝e got their work cut out for them.听鈥 the kind you find in credit cards,听, smartphones and a host of other devices 鈥 are frequent targets for tech-focused crime.
Take the example of side-channel attacks. When the hardware on a device is encrypting data, Gebotys explains, it gives off electromagnetic waves that can be parsed to reveal the confidential information. Meanwhile, directing laser beams or electromagnetic waves at a device 鈥斕齛 so-called fault-injection attack 鈥 produces information that hackers can use to infer the encryption key.
Professor Catherine Gebotys (center) poses with PhD student Karim Amin (left) and research associate Mustafa Faraj (right) from her research group working on improving security for the Internet of Things
The implications range from mildly worrying to downright scary. Someone could intercept and decrypt a confidential email to your boss. Your fitness tracker could disclose details about your health and location. The bank information embedded in your debit card could fall into the wrong hands.
To reduce those risks, Gebotys draws on both software and hardware approaches. In the case of side-channel attacks, for instance, her team has developed ways to add electromagnetic noise during encryption. That鈥檚 not enough to completely protect confidential information, but it slows an attacker down 鈥 hopefully long enough that the system will have changed security keys before the code is broken.
鈥淵ou can鈥檛 always stop all attacks, but you can make them harder,鈥 she says.
Simply developing effective countermeasures isn鈥檛 enough, however. They also have to be cost-effective. Banks and credit card companies may be willing to pour big bucks into cyber-protection, but as we start to see hardware systems embedded in everything from lighting systems to baby monitors, manufacturers want security at a price consumers are willing to pay.
Efficiency is another must. There鈥檚 no point in adding layers of security to a smartphone if all that extra computation sucks the life out of the battery or slows the device down to a crawl.
鈥淥ne of our objectives is to make sure it doesn鈥檛 take a lot of energy,鈥 Gebotys says.
Her focus on industry-relevant research has attracted a host of big-name partners, focused on developing technology specifically aligned with the Internet of Things.听听has incorporated some of the lab鈥檚 countermeasures into its phones, while companies like听听补苍诲听听have also tapped her expertise. Currently, Gebotys is working with the听听to produce more hacker-resistant hardware.
鈥淭he best research 鈥 in my opinion 鈥 you can do is work on real problems,鈥 Gebotys says.
蓝莓视频 provides the perfect setting for that, she adds, pointing to topnotch students, a 鈥渇antastic鈥 co-op engineering program and an emphasis on听industry collaborations.
AI in medical health care technology
Read more
Study led by University of 蓝莓视频 researchers discovers high risk of medical misinformation in self-diagnoses by ChatGPT
Read more
Meet six world-class researchers, alumni and students who are applying boundary-breaking approaches to redefine sports, recreation and tourism
Read more
蓝莓视频 researchers design 3D-printed bone grafts that promise safer, more effective treatments for patients
Read
Engineering stories
Visit
蓝莓视频 Engineering home
Contact
蓝莓视频 Engineering
The University of 蓝莓视频 acknowledges that much of our work takes place on the traditional territory of the Neutral, Anishinaabeg, and Haudenosaunee peoples. Our main campus is situated on the Haldimand Tract, the land granted to the Six Nations that includes six miles on each side of the Grand River. Our active work toward reconciliation takes place across our campuses through research, learning, teaching, and community building, and is co-ordinated within the Office of Indigenous Relations.