IoT Droplocks: Wireless Fingerprint Theft Using Hacked Smart Locks

Kerrison, Steve (2022) IoT Droplocks: Wireless Fingerprint Theft Using Hacked Smart Locks. In: Proceedings of the IEEE Conference on Cybermatics/2022 IEEE International Conferences on Internet of Things. From: IEEE iThings-2022: 15th IEEE International Conference on Internet of Things, 22-25 August 2022, Espoo, Finland.

[img] PDF (Published Version) - Published Version
Restricted to Repository staff only

View at Publisher Website: https://doi.org/10.1109/iThings-GreenCom...
 
5


Abstract

Electronic locks can provide security- and convenience-enhancing features, with fingerprint readers an increasingly common feature in these products. When equipped with a wireless radio, they become a smart lock and join the billions of IoT devices proliferating our world. However, such capabilities can also be used to transform smart locks into fingerprint harvesters that compromise an individual's security without their knowledge. We have named this the "droplock" attack. This paper demonstrates how the harvesting technique works, shows that off-the-shelf smart locks can be invisibly modified to perform such attacks, discusses the implications for smart device design and usage, and calls for better manufacturer and public treatment of this issue.

Item ID: 75092
Item Type: Conference Item (Research - E1)
ISBN: 978-1-6654-5417-9
Related URLs:
Copyright Information: © Copyright IEEE 2022
Research Data: https://doi.org/10.25903/7qws-e597
Date Deposited: 13 Oct 2022 23:52
FoR Codes: 46 INFORMATION AND COMPUTING SCIENCES > 4606 Distributed computing and systems software > 460603 Cyberphysical systems and internet of things @ 34%
46 INFORMATION AND COMPUTING SCIENCES > 4604 Cybersecurity and privacy > 460405 Hardware security @ 33%
46 INFORMATION AND COMPUTING SCIENCES > 4604 Cybersecurity and privacy > 460406 Software and application security @ 33%
SEO Codes: 24 MANUFACTURING > 2404 Computer, electronic and communication equipment > 240402 Consumer electronic equipment (excl. communication equipment) @ 50%
22 INFORMATION AND COMMUNICATION SERVICES > 2201 Communication technologies, systems and services > 220104 Network security @ 50%
Downloads: Total: 5
More Statistics

Actions (Repository Staff Only)

Item Control Page Item Control Page