2026-03-23 リンショーピング大学
Image from experiments in which sensor data was manipulated to avoid detection.
<関連情報>
- https://liu.se/en/news-item/sensors-could-be-new-witnesses-in-criminal-investigations
- https://www.sciencedirect.com/science/article/pii/S2666281725000198
建物に潜む幽霊:自動化された建物に対する非侵襲的ななりすましと秘密裏の攻撃 The ghost in the building: Non-invasive spoofing and covert attacks on automated buildings
Johnny Bengtsson
Forensic Science International: Digital Investigation Available online: 15 January 2025
DOI:https://doi.org/10.1016/j.fsidi.2025.301880
Highlights
- Conducted non-invasive spoofing and covert attacks on PIR and CO2 sensors to elevate awareness of data trustworthiness.
- Sensor fusion of PIR and CO2 data reveals non-invasive covert attacks on CO2 sensors.
- Spoofing plain-text radio-frequency packet data demonstrates the feasibility of injecting falsified event log records.
Abstract
Sensor and actuator event log analyses within the context of digital forensics are crucial for understanding events in automated buildings, such as in a building automation and control system (BACS) or a home automation system (HAS). Conclusions drawn from erroneous, misleading, or corrupted log data may adversely affect crime scene investigations and reconstructions. This work aims to raise awareness of the potential risk of misinterpretation due to corrupted or tampered data from BACS or HAS event log systems.
A series of non-invasive sensor and actuator attacks on such systems was designed and conducted to determine the feasibility of: 1) injecting spoofed pyroelectric infrared (PIR) and carbon dioxide (CO2) sensor event log records, 2) becoming invisible to PIR sensor and CO2 sensors, and 3) mimicking the behaviour of an actuator with the aim of injecting spoofed event log records. The study also concludes that sensor fusion can reveal activities that were concealed from CO2 sensors. Furthermore, this work discusses the adversarial perspectives in the cyber-physical (CPS) domain in relation to these findings.
