·Researchers have found that tools sufficient to eavesdrop on certain 6G wireless signals can be created in as little as five minutes using equipment such as office paper, inkjet printers, metal foil transfer machines and laminators.
·The study shatters a common misconception in the wireless communications industry that high-frequency signals are naturally secure.
The annual wireless and mobile security/privacy conference organized by the Association for Computing Machinery, ACM WiSec 2022, is coming up this week in San Antonio. Engineering researchers from Rice University and Brown University will present at the conference the first-ever discovered security vulnerabilities and attack techniques for 6G networks.
Awareness of future threats is the first step in dealing with such threats,” said study co-author Edward Knightly, a professor in Rice’s Department of Electrical and Computer Engineering. While the bands vulnerable to attacks are not yet in actual use, the time for use is not far off and we must be prepared.” Show the importance of being prepared in data protection.
“Intermediate Superlative Surface”Attack
In their research, Knightly and Brown University engineering professor Daniel Mittleman and colleagues found that malicious hackers could easily create a sheet of office paper covered with 2D foil symbols (the equivalent of a superlative surface) and use it to redirect a portion of the 150 GHz “pen beam” transmitted between two users. “.
They call this attack method “Metasurface-in-the-Middle”, which describes both the nature of the tool itself and how it is used.
A “superlative surface” device is a thin film material with a specific pattern designed to manipulate the direction of light or electromagnetic wave transmission.
The term “intermediate” represents the computer security industry’s classification of an attack in which a malicious hacker secretly intervenes between two communicating parties.
The 150 GHz frequency is higher than those used in current 5G cellular or Wi-Fi networks. But Knightly said wireless telecom operators plan to launch new services using 150 GHz or similar frequencies in the next decade, calling them terahertz wave or millimeter wave technology.
Knightly explained, “The next generation of wireless communications will use high frequency bands with pencil-shaped beams to support broadband applications such as virtual reality and self-driving cars.” At the ACM WiSec conference, Knightly will present the results with co-author and lab graduate student Zhambyl Shaikhanov.
Specific Attack Process
In this experiment, the researchers used Alice and Bob to refer to the two parties whose communications were hacked, and the eavesdropper was called Eve.
To carry out the attack, Eve first designed a superlattice surface that diffracted a portion of the narrow beam signal to her location. In the demonstration, the researchers designed a pattern with hundreds of rows of open rings. These open rings resemble the letter C, but differ from each other, with different directions and sizes of openings.
These openings and directions are designed to allow the signal to diffract in a specific direction as Eve designed it,” Shaikhanov said. After designing the superlative surface, Eve can print the image on a regular laser printer and then use a stamping technique to create it. A metal foil is placed on the printed paper, fed into a laminator, and heat and pressure bond the metal to the toner.”
Mittleman and another co-author, Hichem Guerboukha, a postdoctoral fellow at Brown University, have already shown in a 2021 study that the hot stamping method can create open-loop superlattice surfaces with resonant frequencies up to 550 GHz.
Mittleman notes, “The method we have developed reduces the difficulty of fabricating superlattice surfaces and can help researchers test many different designs quickly and inexpensively. But at the same time, it lowers the bar for eavesdroppers to do their dirty work.”
Breaking the Myths of HF Communication Security
The researchers said they hope the study will dispel a common misconception in the wireless communications industry that high-frequency signals are naturally secure.
Shaikhanov emphasized that “there is always the argument that millimeter wave frequencies are ‘hidden’ and ‘highly classified’ and have ‘good security. This is understandable, after all, “as long as the beam is narrow enough, no one can physically intervene between the transmitter and the receiver to eavesdrop on the signal. But we proved with our research that Eve’s side can launch an attack without stepping into the middle.”
The study shows that it is currently difficult to detect such attacks at either Alice or Bob’s end. Although the super glowing surface must still be placed between Alice and Bob, Knightly mentioned that “it could be hidden in the environment, for example, by blending into the paper.”
Knightly also believes that now that wireless researchers and device manufacturers are aware of this attack method, further research can be conducted to develop targeted detection systems and integrate them into terahertz networks.
Knightly emphasized, “If we could have foreseen the massive damage to Web servers from denial-of-service attacks on day one of the Internet, there would certainly have been some design tweaks. By contrast, a reactive cycle of build first -> wait for an attack to happen -> try to fix it later is obviously much more expensive than security pre-design.”
Both millimeter wave frequencies and superlattice surfaces are new technologies, and both will open up new paths for the communications industry. But in the face of any new communications capability, we should first ask, “What if an adversary takes control of this technology? What new and unprecedented capabilities will they gain as a result? And how do we build secure networks that are strong enough to withstand powerful adversaries?”
To we build secure networks that are strong enough to withstand powerful adversaries, we need to be prepared for data disaster recovery. No matter how the adversary attacks, we must build a data security network, a complete data protection system. Both companies and individuals should build their own data disaster recovery systems in order to prevent attacks. There are many software that do data disaster recovery, common data protection environments are VMware Backup, Hyper-V Backup, and so on.