Determining Proximal Geolocation of IoT Edge Devices via Covert Channel

Md Nazmul Islam, Vinay C Patil, Sandip Kundu
University of Massachusetts Amherst


Abstract

Many IoT devices are part of fixed critical infrastructure, where the mere act of moving an IoT device may constitute an attack. Moving pressure, chemical and radiation sensors in a factory can have devastating consequences. Relocating roadside speed sensors, or smart meters without knowledge of command and control center can similarly wreck havoc. Consequently, authenticating geolocation of IoT devices is an important problem. Unfortunately, an IoT device itself may be compromised by an adversary. Hence location information from the IoT device cannot be trusted. Thus, we have to rely on infrastructure to obtain a proximal location. Infrastructure routers may similarly be compromised. Therefore, there must be a way to authenticate trusted routers remotely. Unfortunately, IP packets may be blocked, hijacked or forged by an adversary. Therefore IP packets are not trustworthy either. Thus, we resort to covert channels for authenticating internet packet routers as an intermediate step towards proximal geolocation of IoT devices. Several techniques have been proposed in the literature to obtain the geolocation of an edge device, but it has been shown that a knowledgeable adversary can circumvent these techniques and evade. In this paper we survey the state of the art geolocation techniques and corresponding adversarial countermeasures to evade geolocation to justify use of covert channels on networks. We propose a technique for determining proximal geolocation using covert channel. Challenges and directions for future work are also provided.