Computer Science Seminar: Zhongjie Ba
This event is open to all Illinois Tech students and faculty.
Internet of things (IoT) play an increasingly important role in our daily life. With the accelerated development of embedded sensing and communication techniques, interconnected physical devices are able to jointly perform sophisticated tasks and support abundant, unprecedented services for the world. In this context, the wide variety of embedded sensors allow IoT devices to detect all sorts of changes in the environment and are widely recognized as one of the key enablers toward IoT. The role of embedded sensors in IoT security, however, can be two-fold. On the one hand, they can be employed to build up innovative security systems and to ensure that IoT devices can be trusted to be what they purport to be. On the other hand, they can also be exploited by adversaries to spy on user privacy in scenarios that have never been considered before. In both cases, it is important to study and understand the capability of embedded sensors, as well as their security implications.
In this talk, Zhongjie Ba will use two examples to illustrate the potential of embedded sensors in attacking and securing IoT devices. Ba will first present a brand new hardware-rooted device authentication system that utilizes the physical characteristics of image sensors to identify and authenticate modern smartphones. The proposed mechanism allows a verifier to authenticate a smartphone through examining just one photo taken by the device. We study various security issues underlying the proposed system and demonstrate its usability through real-world experiments. Next, Ba will present an accelerometer-based side-channel attack that can eavesdrop on the speaker in a smartphone without the requirement of sensitive system permissions. It utilizes a smartphone’s accelerometer to capture the vibration signals incurred by smartphone speakers and employs learning techniques to extract the speech information from the accelerometer measurements. In particular, the proposed attack is able to recognize hot words and digits from phone conversations and to reconstruct the audio signal played by the smartphone speaker.
Ba is currently a postdoctoral researcher in the School of Computer Science at McGill University. He received his Ph.D. in Computer Science and Engineering from the State University of New York at Buffalo. He has published in peer-reviewed security conferences and journals, including CCS, NDSS, ICDCS, and IEEE Trans. Inf. Forensics Security. His research interests include the security and privacy aspects of internet of things, forensic analysis of multimedia content (sensor fingerprints), and privacy-enhancing technologies in the context of collaborative deep learning.