{"title":"The ghost in the building: Non-invasive spoofing and covert attacks on automated buildings","authors":"Johnny Bengtsson","doi":"10.1016/j.fsidi.2025.301880","DOIUrl":null,"url":null,"abstract":"<div><div>Sensor and actuator event log analyses within the context of digital forensics are crucial for understanding events in automated buildings, such as in a building automation and control system (BACS) or a home automation system (HAS). Conclusions drawn from erroneous, misleading, or corrupted log data may adversely affect crime scene investigations and reconstructions. This work aims to raise awareness of the potential risk of misinterpretation due to corrupted or tampered data from BACS or HAS event log systems.</div><div>A series of non-invasive sensor and actuator attacks on such systems was designed and conducted to determine the feasibility of: 1) injecting spoofed pyroelectric infrared (PIR) and carbon dioxide (CO<sub>2</sub>) sensor event log records, 2) becoming invisible to PIR sensor and CO<sub>2</sub> sensors, and 3) mimicking the behaviour of an actuator with the aim of injecting spoofed event log records. The study also concludes that sensor fusion can reveal activities that were concealed from CO<sub>2</sub> sensors. Furthermore, this work discusses the adversarial perspectives in the cyber-physical (CPS) domain in relation to these findings.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"52 ","pages":"Article 301880"},"PeriodicalIF":2.0000,"publicationDate":"2025-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Forensic Science International-Digital Investigation","FirstCategoryId":"3","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2666281725000198","RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Sensor and actuator event log analyses within the context of digital forensics are crucial for understanding events in automated buildings, such as in a building automation and control system (BACS) or a home automation system (HAS). Conclusions drawn from erroneous, misleading, or corrupted log data may adversely affect crime scene investigations and reconstructions. This work aims to raise awareness of the potential risk of misinterpretation due to corrupted or tampered data from BACS or HAS event log systems.
A series of non-invasive sensor and actuator attacks on such systems was designed and conducted to determine the feasibility of: 1) injecting spoofed pyroelectric infrared (PIR) and carbon dioxide (CO2) sensor event log records, 2) becoming invisible to PIR sensor and CO2 sensors, and 3) mimicking the behaviour of an actuator with the aim of injecting spoofed event log records. The study also concludes that sensor fusion can reveal activities that were concealed from CO2 sensors. Furthermore, this work discusses the adversarial perspectives in the cyber-physical (CPS) domain in relation to these findings.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
