Forensic Mapping, Identification and Examination of IoT Devices

Important results from the project

The main goals of the project were a proof of concept study concerning side channel analysis of radiation emitted by IoT devices, to network with other research groups and interest groups and writing a research proposal. The first goal was completed, the second goal was partially completed and the third goal was not completed. COVID-19 meant that two planned workshops were cancelled and many research groups have temporarily diverted resources towards research aimed at COVID-19 problems.

Expected long term effects

The project showed that the electromagnetic radiation emitted by an IoT device can be used to detect it and also classify what kind of program is running on the device. An experimental methodology for more comprehensive experiments was established, based on refining a method published by another research group. The project also established firm collaboration with an international partner university as well as initiate various other contacts. Information leakage from IoT devices is something manufactures will need to consider.

Approach and implementation

The experiments use a Rasberry Pi as a target. Detection and analysis ranged from 30 MHz to 3 GHz. THe data were analysed with WEKA and neural networks. Now that it has been established that electromagnetic radiation can be a sidechannel through which important data can leak, further work could focus on testing of IoT products for security leaks. The methodology we have established could be easily expanded to this kind of work. ECH already does a lot of work in EMC product testing and we see expanding these test to information leakage as a natural development.