This poster concisely presents my research during my time at Florida International University. Experiments showed that data could be transferred to Android devices via sensor inputs, allowing the light sensor to be abused by environment light modulation and malware to be triggered or possibly transferred and data such as location information to be detected. With the development of an Android ROM to monitor this abuse, the sensory channel can be secured.
An IDS for Secure Visible Light Communication on Android Devices
1. Benjamin Graham, A. Selcuk Uluagac, and Nezih Pala,
Florida International University
Department of Electrical and Computer Engineering
bgraham@fiu.edu, auluagac@fiu.edu, npala@fiu.edu
• Communication by capturing the modulation (on/off signals) of LED
lights from an encoder (light fixture) to a receiver (user device).
• The modulation is then decoded into bytes on the receiving device.
• Develop the IDS as a cloud network
operation to relieve device CPU
stress.
• Pursue IDS implementation for all
sensors on Android devices.
• Adapt the IDS to respond/ignore
VLC Network protocol 802.15
WHAT IS VISIBLE LIGHT COMMUNICATION? MALWARE INJECTION CHANNEL
ABSTRACT
AN IDS FOR SECURE VISIBLE LIGHT COMMUNICATION ON
ANDROID DEVICES
1. Radio Frequency Based
Implementation
1. Small frequency spectrum
2. Wide range of capture
3. Requires intricate radio tower
infrastructure
2. Data Rates
1. Limited bitrate
2. Max: 20-25 Mbits/sec
With 14 billion LED lighting systems installed worldwide, the field of Visible Light Communication has emerged over the last decade to harness their capabilities. This technology allows devices to take advantage of the rapid modulation made possible by LEDs
to transmit data at bitrates of over 100 times that of modern WiFi connections. Over the next few years as VLC research and development rise we can expect to see the addition of photoreceptor sensors for this data transmission on mobile devices such as
smartphones and tablets. In the past, sensors such as these were identified to be unsecure in the face of malicious code injection and activation as malware can be transmitted and decoded through sensory input on a device bypassing restrictions in many
cases. The research presented here is performed in an effort to secure this sensory channel on Android mobile devices.
VLC WIFI
1. Light Implementation
1. Diverse spectrum for data
transmission
2. Does not travel through walls
3. Requires minimal installation
and infrastructure
2. Data Rates
1. Large bitrate
2. Current rates: 500Mbits/sec
AN INTRUSION DETECTION SYSTEM
1. Photoreceptors on the device intended for VLC can capture more
than known data transfer signals.
2. A hacker can encode malware through light modulation in an LED
system.
3. Photoreceptors on device capture the modulation and preinstalled
seemingly harmless code can decrypt the the signal into the intended
message.
4. Once on the device it can report back information to the hacker.
• System monitors sensory inputs and stores normal responses.
• When an abnormality is found in sensory input, GPU levels can
be checked for irregularities.
• If an irregularity is discovered the input sequence is marked as
malicious and will be ignored in the future.
IMPLEMENTATION
• In Android OS sensors must be called programmatically to power
them and begin logging inputs.
• By altering the source code provided by Google and installing on a
device, sensor data can be made public for the whole system to view.
• This data can include the package that calls for the sensor and the
sensory data received by the package.
• Making this information readily available allows for the creation of an
IDS by monitoring data logs and classifying input as normal or
malicious.
• Sensory inputs and their corresponding GPU level outputs can now be
directly linked to the application which calls for the sensor initialization.
• The sensory input sequence can be flagged and ignored by the system if
it arises again.
FUTURE WORK REFERENCES
• A. S. Uluagac, V. Subramanian, and R. Beyah. Sensory channel
threats to cyber physical systems: A wake-up call. In
Communications and Network Security (CNS), 2014 IEEE
Conference on, pages 301–309, Oct 2014.
• Iker Burguera, Urko Zurutuza, and Simin Nadjm-Tehrani.
Crowdroid: Behavior-based malware detection system for
android. In Proceedings of the 1st ACM Workshop on Security
and Privacy in Smartphones and Mobile Devices, SPSM ’11,
pages 15–26, New York, NY, USA, 2011. ACM.
• H. Elgala, R. Mesleh, and H. Haas. Indoor optical wireless
communication: potential and state-of-the-art. IEEE
Communications Magazine,49(9):56–62, September 2011.
• Y. Tanaka, T. Komine, S. Haruyama and M. Nakagawa, "Indoor
visible communication utilizing plural white LEDs as
lighting," Personal, Indoor and Mobile Radio Communications,
2001 12th IEEE International Symposium on, San Diego, CA,
2001, pp. F-81-F-85 vol.2.
• Asaf Shabtai, Uri Kanonov, Yuval Elovici, Chanan Glezer, and
Yael Weiss. “Andromaly”: a behavioral malware detection
framework for android devices. Journal of Intelligent
Information Systems, 38(1):161–190, 2012
VLC ON ANDROID DEVICES
• VLC proves to be more secure than WiFi as it does not travel through
walls. Eavesdroppers must not only be able to mimic user
authentication, but be in the room with the user as well.
• This security combined with the bitrates of 500Mbits/sec leads to a
large push for VLC on a future generation of smart devices and
Android devices specifically.
• While VLC is currently possible using the rolling shutter effect of most
camera enabled devices on the market, this is significantly slower and
consumes a great deal of power to sustain.
• In order to use VLC within reasonable limits, Android devices will be
equipped with photoreceptors to monitor modulations in light. These
sensors will act much like the current light sensors on devices, but
with much more accuracy and precision as well as larger power
requirements.
ACKNOWLEDGEMENTS
This work was partly
supported by the US NSF
Research Experiences for
Undergraduates Sites
Program Grant No: REU-
CNS-1461119.
Sensory Channel Intrusion Assessment and
Detection [1]
Sample Public Log Output