MAGLeak: A Learning-Based Side-Channel Attack for Password Recognition With Multiple Sensors in IIoT Environment | IEEE Journals & Magazine | IEEE Xplore

MAGLeak: A Learning-Based Side-Channel Attack for Password Recognition With Multiple Sensors in IIoT Environment


Abstract:

As an emerging technology, industrial Internet of Things (IIoT) connects massive sensors and actuators to empower industrial sectors being smart, autonomous, efficient, a...Show More

Abstract:

As an emerging technology, industrial Internet of Things (IIoT) connects massive sensors and actuators to empower industrial sectors being smart, autonomous, efficient, and safety. However, due the large number of build-in sensors of IIoT smart devices, the IIoT systems are vulnerable to side-channel attack. In this article, a novel side-channel-based passwords cracking system, namely MAGLeak, is proposed to recognize the victim's passwords by leveraging accelerometer, gyroscope, and magnetometer of IIoT touch-screen smart device. Specifically, an event-driven data collection method is proposed to ensure that the user's keystroke behavior can be reflected accurately by the obtained measurements of three sensors. Moreover, random forest algorithm is leveraged for the recognition module, followed by a data preprocessing process. Extensive experimental results demonstrate that MAGLeak achieves a high recognition accuracy under small training dataset, e.g., achieving recognition accuracy 98% of each single key for 2000 training samples.
Published in: IEEE Transactions on Industrial Informatics ( Volume: 18, Issue: 1, January 2022)
Page(s): 467 - 476
Date of Publication: 18 December 2020

ISSN Information:

Funding Agency:


I. Introduction

As The third wave of the world's information industry after computers and the internet, industrial Internet of Things (IIoT) can empower many industrial sectors to be smart, autonomous, efficient, and safe by using massive sensors and actuators [1]. As IIoT has been widely used in urban critical infrastructure [2]–[4], such as, water or natural gas networks, smart grids, and transportation systems, it is crucial to protect the security of IIoT [5], [6]. However, due to the complex and heterogeneous topology, and massive nodes with huge differences in capabilities (e.g., computing power, storage capacity, and energy), the industrial networks are vulnerable to many attacks, such as, node impersonation [7], [8], message tampering [9], and information eavesdropping [10].

References

References is not available for this document.