Professional Documents
Culture Documents
EarFisher: Detecting Wireless Eavesdroppers
EarFisher: Detecting Wireless Eavesdroppers
978-1-939133-21-2
USENIX Association 18th USENIX Symposium on Networked Systems Design and Implementation 873
and applications also produce memory EMRs, which are dif- Eavesdropper detection. Prior eavesdropper detectors com-
ficult to distinguish from the eavesdropper’s responses when monly rely on sensing RF signals leaked from the front-end
the memory activities coincidentally occur at the same time of circuit of wireless receiver. This method was first proposed
bait packet transmissions. Third, despite the amplification of in [27, 36] to detect primary receivers in cognitive radio net-
multi-channel architecture, memory EMR is still very weak, works, and then extended to UWB, WiMAX, and MIMO chan-
requiring a long time of stimulus to trigger a sufficiently nels to detect hidden radios [24, 26]. Ghostbuster [13] further
strong response at the eavesdropper. However, intensive bait augments this method using spatial cancellation of interfer-
packet transmissions in a large time window can block the ence and frequency cancellation of signal artifacts, which
wireless channel, and may present a distinguishable traffic allow it to extract leakages under poor signal conditions in the
pattern that can be noticed by crafty eavesdroppers. Fourth, presence of ongoing wireless transmissions. However, Ghost-
eavesdroppers knowing the design and presence of EarFisher buster still suffers limited detection range (less than 1m for
may deliberately write its memory, which will produce strong COTS Wi-Fi receivers) because of the weak power of leakage
memory EMR that interferes with EarFisher’s detection. from RF circuit.
To address these challenges, EarFisher employs new sig- Recent studies [32, 34] show that superheterodyne and su-
nal processing algorithms to sense and separate the memory perregenerative receivers can be detected from a longer dis-
EMRs of different devices, obscures and disguises stimulus tance by exploiting the known characteristics of their RF
traffic as short bursts of normal packets, incorporates statis- leakages. However, these techniques are highly dependent
tical tool to tolerate the interfering EMRs produced by sys- on the receiver architecture. Unfortunately, superheterodyne
tem memory workloads, and exploits a fundamental dilemma and superregenerative receivers are commonly used in low-
of eavesdroppers to detect deliberate writing-based counter- power wireless remote, but are far less common in mainstream
measure. Extensive experiments show that EarFisher accu- wireless communication systems such as Wi-Fi.
rately detects eavesdroppers even under poor signal condi- More importantly, because all radios emit RF leakages dur-
tions, and is resilient to the interference of system memory ing signal reception, existing eavesdropper detectors suffer a
workloads, high volumes of normal network traffic, and the common limitation as they cannot differentiate eavesdroppers
memory EMRs of coexisting devices. We then further demon- from legitimate receivers. To sidestep this limitation, Ghost-
strate EarFisher’s effectiveness in a real testbed, where three buster assumes a threat model where the number of legitimate
EarFisher nodes are deployed to monitor an indoor area of receivers is known a priori [13]. This assumption restricts its
1600 ft2 . Experiment results show that EarFisher reliably de- usability to a very narrow range of specific scenarios.
tects eavesdroppers placed at different locations despite the EM side-channels. Recently, researchers leverage the EM
complexity of indoor environments, such as the block of walls. side channels of CPU and memory for attestation [29], mem-
ory profiling [30], and malware detection [18, 25, 37]. Dif-
2 Related Work ferent from these passive analysis, EarFisher features a new
paradigm that actively stimulates memory EMR. Moreover,
Cryptographic attacks. Since the invention of wireless com- EarFisher employs a signal processing algorithm that bases
munication, encryption has been the primary security measure on fine-grained measurement and theoretical characterization
to combat eavesdropping. However, extensive research shows of memory clock, which makes it possible to not only ex-
that eavesdroppers can compromise encryption based on a tract weak memory EMRs under poor signal conditions, but
variety of side-channel attacks [7, 8, 15, 16, 21, 22]. In partic- also separate and track individual memory EMRs when mul-
ular, Camurati et al. [11] show that the EM leakage of the tiple devices having the same memory frequency coexist in a
processor on wireless chips can be inadvertently amplified crowded environment.
by RF front-end, allowing an eavesdropper to decipher the
encryption key from a distance.
Moreover, cryptographic protocols themselves often suf- 3 Threat Model
fer fatal flaws that are difficult to identify before universal
adoption. For example, Wired Equivalent Privacy (WEP), a A wireless eavesdropper is a malicious receiver who sniffs on
security protocol ratified as a part of 802.11 in 1997, was other devices’ packets. Typically, eavesdropping can be im-
found to have fatal flaws in 2001 [14]. WEP was then super- plemented by modifying the device driver to enable monitor
seded by Wi-Fi Protected Access (WPA) in 2004, but history mode, in which a wireless chip transfers all received packets
repeated itself. In 2017, researchers demonstrated that the to the host. A recent study shows that most drivers on major
four-way handshake of WPA has a fatal vulnerability, which operating systems (e.g., Linus, Windows, macOS) support
allows eavesdroppers to compromise the encryption keychain monitor mode by default [1].
using key reinstallation attacks [35]. From 2004 to 2017, the By eavesdropping on network traffic, the attacker’s goal
vulnerability of WPA left billions of Wi-Fi users potentially is to gather sensitive data, such as personal and business re-
exposed to eavesdropping for more than 13 years. lated information, or secrets necessary to enable decipher and
874 18th USENIX Symposium on Networked Systems Design and Implementation USENIX Association
man-in-the-middle attacks. Typically, wireless chips are in-
tegrated with a microcontroller and a small RAM of at most
a couple of MiBs. The on-chip system is tasked for simple
computation such as checking receiver address and verifying
packet checksum, but is far from capable of security- and
privacy-intrusive processing. As a result, the eavesdropper
must digest sniffed packets in the CPU-memory system of (a) DDR3-1600.
the host.
To this end, the wireless chip of the eavesdropper needs to
write all sniffed packets to the memory of the host. This is
typically under the control of DMA, and will produce EMR
when sniffed packets are transferred over memory bus. Specif-
ically, for SDRAMs, memory EMR can be observed as a radio
signal around the frequency of memory clock. Because DDR
uses double pumping, the clock frequency is a half of mem- (b) DDR4-2133.
ory speed. In practice, the clock frequency of a modern DDR Figure 1: The spectrum pattern of memory EMR with and
has 13 possible values ranging from 200 MHz of DDR2-400 without memory workload.
to 1600 MHz of DDR4-3200. To sense memory EMR, one
can scan DDR frequencies one by one, or use a group of sen- clock. Because memory clock injects fluctuating current into
sors to monitor multiple frequencies in parallel. In the rest memory bus, it produces EMR at the clock frequency. As
of this paper, we assume the memory clock frequency of the memory reads/writes are performed at clock edges, they am-
eavesdropper is known. plify EMR amplitude of memory clock but will not affect the
pattern of frequency spectrum.
The simplest form of a clock is a sine wave of which the
4 Characterizing Memory EMR energy is all concentrated at clock frequency. However, this
leads to a high EMR intensity that may violate regulatory re-
In this section, we present measurements and model to char- quirement for electromagnetic compatibility. To walk-around
acterize memory EMR. Our measurements are conducted on this issue, modern clock generators use spread spectrum tech-
two laptops of DDR3-1600 and DDR4-2133, respectively. A niques to reshape the energy distribution of clock. Denote an
BladeRF with an omni-directional 5 dBi antenna is employed unspread clock as,
as the receiver.
Vclk (t) = A cos(2π f0t),
4.1 Spectrum Pattern where f0 is the frequency of memory clock. A spread spec-
Measurement-based characterization. To measure the fre- trum clock is the frequency modulation of Vclk (t), which can
quency spectrum of a device’s memory EMR, we take FFT be expressed as,
over an 1s window of signals captured around the clock fre- ∆f
quency of the device’s memory. To study how memory work- Vssc (t) = A cos(2π f0t + sin(2π fmt)), (1)
fm
load impacts on memory EMR, we created a process to write
memory intensively1 , and then compare the spectrum patterns where fm and ∆ f are the modulation frequency and peak
measured before and after the start of the process. frequency deviation, respectively. By expanding Eqn. 1 using
As shown in Fig. 1, we observe that the frequency spectrum the Jacobi-Anger expansion, the frequency spectrum of Vssc (t)
of memory EMR features a series of energy peaks distributed can be expressed as [10],
over a side-band of about 1 MHz below the frequency of mem-
def ∆f
ory clock. In the presence of intensive memory workload, the kFssc ( f )k = k ∑ Jn ( )(δ( f − f0 + n fm )
amplitudes of all energy peaks increase simultaneously and n fm
significantly. To further characterize the spectrum pattern, we −δ( f − f0 − n fm ))k.
examine the auto-correlation of peak frequencies and find that
the frequency interval between consecutive peaks is constant. where Jn (·) is the Bessel function of the first kind, and δ(·) is
Specifically, for the DDR3-1600 and the DDR4-2133, the the Dirac delta function.
frequency intervals are 31.8 KHz and 31.2 KHz, respectively. To maintain a stable synchronization between memory
Theoretical characterization. We then further characterize and memory controller, Vssc (t) needs to be band-pass filtered
memory EMR based on the theoretical model of memory before being used as a memory clock. Typically, the band-pass
filter removes frequency components higher than memory
1 To write memory directly, we used SSE instructions to bypass cache. clock frequency and then imposes a low cutoff to limit the
USENIX Association 18th USENIX Symposium on Networked Systems Design and Implementation 875
20 DDR3-1600 the other hand, if the size of FFT bin is already smaller than
DDR4-2133
SNR (dB)
Left 0m Right
4.3 Response to Stimulus
To understand the impact of stimulus network traffic on eaves-
dropper’s memory EMR, we setup an experiment where the
laptop equipped with DDR4-2133 is employed to eavesdrop
Back on an 802.11n transmitter. The experiment is conducted on
a clean channel to avoid the interference of uncontrolled net-
Figure 3: The 3 dB range of memory EMRs with and without work traffic. The 802.11n transmitter is configured to send an
memory activities. 100 ms UDP flow every 200 ms. We then vary the rate of the
maximum frequency deviation. After band-pass filtering, the UDP flow and repeat the experiment.
frequency spectrum of Vssc (t) is transformed to, Fig. 4 shows the time varying amplitude of memory EMR
measured in close proximity to the eavesdropper using a slid-
def ∆f ing FFT window of 100 ms. As shown in Fig. 4, the eavesdrop-
kFssc ( f )k = kA ( f ) ∑ Jn ( )δ( f − f0 + n fm )k, (2)
n fm per’s memory EMR demonstrates a clear responsive pattern
when the rate of UDP flow increases to only 2 Mbps. The
where A ( f ) is the impulse response of the band-pass filter. amplitude of response can be significantly boosted by further
Summary of characteristics. Eqn. 2 indicates that the en- increasing the rate of stimulus network traffic.
ergy of memory EMR is non-zero only at f0 − n fm , which
interpreted the spectrum pattern shown in Fig. 1. In other 5 EarFisher Overview
words, memory EMR is composed of a series of sub-clock
components, where the frequency interval between consecu- EarFisher is designed as a standalone system to detect eaves-
tive sub-clocks is fm , and the first sub-clock is at f0 . droppers in a wireless network without the cooperation of
other network nodes. It differentiates eavesdroppers from le-
4.2 Directivity and Range gitimate receivers based on an architectural criteria, where
receivers are convicted of eavesdropping as long as they trans-
We then place receiver at different directions to measure the 3 fer other devices’ packets to memory. In contrast, a legitimate
dB range of memory EMR, which is defined as the maximum receivers should drop other devices’ packets immediately in
distance from which the SNR of received memory EMR is wireless NICs.
higher than 3 dB. In this experiment, we calculate SNR of As illustrated in Fig. 5, EarFisher consists of a stimulator
memory EMR using the sub-clock of the highest power. and a detector. The stimulator is a wireless network of two co-
It is worth noting that the SNR of received memory EMR is operative nodes, which exchange packets to generate stimuli2 .
dependent on the size of FFT window. As shown in Fig. 2, the The detector senses memory EMR using a software defined
larger the FFT window, the higher the SNR. However, the gain radio, which is hosted by one of the stimulator nodes and is
yielded by enlarging FFT window gradually diminishes as the synchronized with the wireless NIC to monitor the variations
size of FFT window increases. To understand why, consider of memory EMRs under traffic stimuli.
a FFT bin (whose size equals the inversion of FFT window 2 A simpler method is to use a single wireless device to forge a packet
size) that is large enough for containing one sub-clock. In this flow. However, crafty eavesdroppers may detect the forged packet flow by
case, one can always reduce the FFT bin to suppress noise noticing that the sender and the receiver manifest the same channel state
without affecting the sub-clock, thereby increasing SNR. On information.
876 18th USENIX Symposium on Networked Systems Design and Implementation USENIX Association
Stimulator
Bait packets
Normalized Power
Normalized Power
Normalized Power
1 1 1
0.8 0.8 0.8
0.6 0.6 0.6
0.4 0.4 0.4 Eavesdropper
0.2 0.2 0.2 SDR
0 0 0
0200 400 600 800 0 200 400 600 800 0 200 400 600 800
Time (ms) Time (ms) Time (ms) Memory
Detector EMR
(a) Rate = 600 Kbps. (b) Rate = 2 Mbps. (c) Rate = 20 Mbps.
Figure 4: Time varying amplitude of memory EMR under the stimuli of periodic UDP flows. Figure 5: EarFisher architecture.
fm (KHz)
31.8
channel architecture, memory EMR is still very weak and thus 31.6 Inspiron
can be easily buried by noise when sensing from a distance. 31.4 Thinkpad
Moreover, when devices having the same memory frequency 31.2
coexist in an environment, their memory EMRs will be mixed 31.0
together in frequency spectrum, making it difficult to track 0 5 10 15 20 25 30 35
∆ f0 (KHz)
them separately. EarFisher addresses these challenges by us-
ing folding [39] – a signal processing algorithm originally Figure 6: The distribution of memory clock fingerprints.
used by large radio telescopes to amplify astronomical sig-
nals – to sense weak memory EMRs. It then leverages the 6 System Design
fingerprint of memory clock to separate and track the memory
EMRs of different devices. This section presents the design of EarFisher in detail. We first
Obscuring stimulus traffic. Sensing weak memory EMRs propose a sensing primitive to monitor memory EMRs, and
requires a large FFT window to suppress noise. However, then describe the design of stimulator and detector. Finally, we
intensive transmission of stimulus traffic in a large time win- discuss how to detect eavesdroppers who deliberately write
dow may interfere with normal network traffic. In addition, it memory to interfere with EarFisher’s detection.
may introduce a distinguishable traffic pattern to alert crafty
eavesdroppers. To address this challenge, EarFisher first splits
a large block of bait packets into small pieces and then dis-
6.1 Sensing Memory EMRs
guises them as normal network traffic. At the detector side, As discussed in section 4, memory EMR consists of a se-
EarFisher stitches signal samples captured at the time instants ries of sub-clocks, where the i-th sub-clock is at f0 − i fm .
of stimuli into a complete window before taking FFT. Due to minute manufacturing deviations, f0 and fm present a
Tolerating system memory workloads. Memory workloads unique fingerprint, which distributes the sub-clocks of differ-
of operating systems and applications also produce memory ent devices to different frequencies. In the following, we first
EMR, which is difficult to distinguish from the response of characterize memory clock fingerprint to study if it is suffi-
eavesdropper when memory activities coincidentally occur ciently diverse to allow the separation of memory EMRs. We
at the time instants of traffic stimuli. To avoid false alarm, then discuss how to fuse sub-clocks to sense memory EMRs
EarFisher profiles the memory EMR incurred by system mem- buried by noise, and develop a signal processing algorithm
ory workloads for each device at runtime. It then tests the that exploits memory clock fingerprint to separate and track
hypothesis if the surge of memory EMR under stimuli is the memory EMRs of individual devices.
sufficiently significant to claim a detection of response. Characterizing memory clock fingerprints. To character-
Detecting countermeasure. Eavesdroppers knowing the de- ize the fingerprint of memory clock, we conduct measure-
sign and presence of EarFisher may actively write memory ments on 32 devices equipped with DDR3-1600, including
to emit strong EMR, which will interfere with EarFisher’s a Dell Inspiron, a Thinkpad, and 30 identical desktops in the
detection. To detect this countermeasure, EarFisher exploits computer room of a university library. Fig. 6 plots the distri-
a fundamental dilemma faced by the eavesdropper, where bution of their memory clock fingerprints. We observe that f0
intermittent writing of memory leaves significant chance of differs even across the 30 identical desktops. In comparison,
exposing the response to stimuli, while consistent writing the offset of fm is only significant across different devices,
presents an abnormal EMR pattern that can be distinguished which should be attributed to the different modulation fre-
from normal system memory workloads. quencies of their clock generators.
USENIX Association 18th USENIX Symposium on Networked Systems Design and Implementation 877
(a) Noisy spectrum after FFT. (b) Results of folding.
CDF
0.6 0.6
0.04
0.4 0.02 0.4 others are likely separated because of different fm .
0.2 0 0.2 Fusing sub-clocks. We then discuss how to fuse sub-clocks
0 0.1 0.2 0.3
0 0 to boost the SNR of memory EMR. A key design requirement
0 5 10 15 20 0 0.1 0.2 0.3 is to achieve computational efficiency, because the signal pro-
∆f0 (KHz) Sub-Clk BW (KHz)
cessing targets at high-resolution frequency spectra obtained
Figure 8: The CDFs of ∆ f0 and sub-clock bandwidth. by large FFT windows.
To this end, we propose a novel use of folding – a fast
To validate if the fingerprints are sufficiently diverse, con- algorithm originally used by large radio telescopes to amplify
sider an arbitrary pair of identical desktops. As they have sim- periodic astronomical signals [23, 31, 39]. EarFisher utilizes
ilar fm , the separation of their sub-clock components solely folding to search for sub-clock components distributed over
depends on the offset of f0 . Specifically, if the offset of f0 is frequency. Suppose P represents the series of N points of the
too small, sub-clock components will overlap in frequency in spectrum and P [i] (i ∈ [1, N] is the amplitude of the ith point.
a pair-wise fashion. In this case, the overlapped bandwidth The objective of folding is to search for a signal with a period
can be computed as, of T . The spectrum is first divided into small windows of T
points and then added in a window-wise fashion as,
BWa + BWb
∆BW = − ∆ f0 ,
2 bN
T c−1
878 18th USENIX Symposium on Networked Systems Design and Implementation USENIX Association
cessing algorithm of periodic signal detection – is worse than
folding despite their higher computational overhead. Specif-
ically, FFT fails to identify memory EMRs due to its poor
resolution. Auto-correlation identified one of the laptops but
is significantly more susceptible to noise than folding.
Separating memory EMRs. EarFisher exploits the diversity
of memory clock fingerprints to separate and track memory
EMRs. To this end, EarFisher performs two steps of process-
ing iteratively. First, it folds up the spectrum at all possible
fm , and then identifies the highest folding peak caused by the
device that has the strongest memory EMR. Name this device
as Alice. Second, EarFisher outputs the highest folding peak,
which reflects the fused amplitude of Alice’s memory EMR, Figure 9: Eavesdropper’s response to the stimuli of web page
and then removes the sub-clock components of Alice from downloads.
the spectrum. The goal is to eliminate possible peaks yielded Engineering stimulus traffic. EarFisher disguises the net-
by Alice in subsequent rounds of folding, which may prevent work of Wi-Fi stimulator as a WLAN where one device hosts
EarFisher from identifying the folding peaks of other devices. a virtual access point and the other is attached as a client. To
Note that each sub-clock component may include multiple stimulate a Wi-Fi eavesdropper without incurring its alert, the
spectral points depending on its bandwidth. EarFisher identi- client launches a sequence of webpage downloads at random
fies sub-clock bandwidth using standard edge detection algo- time instants, where each download generates a short stimulus
rithm [19], and then removes all points included in the peak. consisting of several MBs of data depending on the size of
The above procedure is repeated until the highest folding peak webpage3 . Fig. 9 shows an eavesdropper’s response to stim-
falls below a predefined threshold. uli when it is sniffing on the downloads of the homepage of
In practice, the spectrum may contain other signals pro- NSDI as well as 6 popular pages top-ranked in Alexa [2]. We
duced by wireless communication. EarFisher classifies mem- observe that YouTube triggered the strongest response due
ory EMR and wireless communication based on two simple to its large page size, suggesting that the stimulator should
rules. First, the highest folding peak should trace-back to at leverage media-rich pages for stimuli.
least two peaks separated by the folding period in the spec-
In practice, round-trip delays occurred at upper-layers pre-
trum. Second, the bandwidth of each trace-backed peak should
vent the stimulator from achieving a high throughput, thereby
not exceed 300 Hz – an empirical upper bound on sub-clock
degrading the intensity of stimulus. For example, as can be
bandwidth obtained through extensive measurements. In com-
seen in Fig. 9, the downloading traffic of Facebook page was
parison, the signal bandwidth of wireless communication is
divided into two parts due to large upper-layer delay, which
typically orders-of-magnitude higher in order to achieve a
significantly weakens the eavesdropper’s response despite the
meaningful data rate.
large size of Facebook page. To address this issue, EarFisher
Tracking memory EMRs. EarFisher tracks memory EMRs first records the real traffic of webpage downloads, and then
of different devices by using ( f0 , fm ) as a device identity. In replays the traffic in the local network of stimulator.
practice, ( f0 , fm ) may experience small variance over time. To
Media access control. To further improve the effectiveness
address this issue, EarFisher clusters folding peaks obtained
of stimulus, EarFisher leverages the following MAC-layer
at different time instants based on the euclidean distance of
schemes. First, EarFisher utilizes the frame aggregation fea-
( f0 , fm ), where each cluster corresponds to one device. It then
ture of 802.11 to bundle multiple bait packets in a single trans-
assigns a unique ID to each device and tracks the variation of
mission, which effectively increases the throughput of stimu-
f0 and fm using standard phase-locked loops.
lus traffic. Second, before transmitting bait packets, EarFisher
uses RTS and CTS to mute normal network traffic. The goal
6.2 Stimulator is to reduce the chance of false alarm, which may happen
if legitimate network nodes transmit or receive and thereby
The stimulator of EarFisher consists of two cooperative de- produce memory EMRs during stimulus period. One of our
vices, which exchange packets to generate stimulus traffic. To future work is to further control the timing of stimuli to mini-
detect eavesdroppers in a specific wireless network, the bait mize the interference with normal network traffic. This can be
packets should be transmitted on the same frequency channel. achieved by predicting the variation of normal network traf-
In case the network to protect is operated on multiple chan- fic using theoretical models [28] and then sending stimulus
nels, the stimulator can hop across channels to inject baits. In traffic only when the wireless channel is under-utilized.
the following, we focus on the design of a Wi-Fi stimulator.
The principle of the presented design is broadly applicable to 3 Accordingto httparchive [4], the average webpage size has increased
other types of wireless networks. from 1.6 MB in 2014 to 4 MB in 2019.
USENIX Association 18th USENIX Symposium on Networked Systems Design and Implementation 879
6.3 Detector then compares the p-value with a a chosen level of statistical
significance, denoted as α. Basically, a high α assures low
At a high-level, the detector of EarFisher separates and tracks false alarm rate but may raise miss detection. EarFisher ex-
memory EMRs using the sensing primitive proposed in sec- poses the configuration of α, which allows users to tune the
tion 6.1, and then inspects each memory EMR to infer the re- balance between detection rate and false alarm.
sponse to traffic stimuli. Note that whenever transmitting bait
packets, the stimulator will also emit memory EMR, which is
difficult to distinguish from the response of an eavesdropper. 6.4 Detecting Countermeasure
To address this issue, a straightforward method is to count To counteract the detection of EarFisher, eavesdroppers know-
bait receivers and check if the number is larger than expected. ing the design and presence of EarFisher may actively write
In the design of EarFisher, we employ a simple alternative memory to emit strong EMR, which will pollute the base-
to walkaround receiver counting. Specifically, EarFisher em- line set profiled by EarFisher, thus defeating the statistical
ploys two stimulators of different memory frequencies. In test given in Eqn. 3. In the following, we propose a simple
this case, because the eavesdropper’s memory frequency must method to detect this countermeasure.
differ from that of at least one stimulator, the detector can
The dilemma of eavesdropper. Our insight is that, when ac-
quickly identify eavesdropper’s memory EMRs based simply
tively writing memory, the eavesdropper faces a fundamental
on emission frequency.
dilemma where intermittent writing leaves significant chance
Profiling memory EMRs. To detect the presence of eaves- of exposing the response to stimuli, while consistent writing
droppers, EarFisher compares the amplitudes of memory presents an abnormal pattern of memory EMR that can be
EMRs measured in the presence and absence of stimulus distinguished from normal system memory workloads.
traffic, named as stimulus set and baseline set, respectively. Specifically, to mask the response to traffic stimuli, the
To profile the stimulus set, EarFisher first captures signals eavesdropper must erase the difference between the reference
around the transmission time of bait packets, and then puts and stimulus set. However, because the stimulus set is built
captured signals in a large FFT window. Once the window is by stitching signals received under traffic stimuli, it captures
completely filled, EarFisher runs the algorithm proposed in the eavesdropper’s memory EMR in a status of virtually con-
section 6.1 to identify memory EMRs. Suppose n memory sistent writing of memory. In order to defeat the statistical
EMRs are observed at I i = ( f0i , fmi ), i ∈ (1, n). For each I i , test, the eavesdropper must write memory at a comparable
EarFisher establishes a stimulus set to record the amplitude intensity to corrupt the baseline set.
of memory EMR, and then populates the set when new FFT On the other hand, due to the presence of hierarchical cache,
windows are available. a normal system rarely writes memory consistently. In partic-
Note that a surge of memory EMR under traffic stimuli ular, unlike wireless NICs that write received packets directly
could be a coincidence caused by system memory work- into memory, legitimate programs only read/write memory
load. To profile the probability of such coincidence, EarFisher under cache miss, while modern Intel and AMD CPUs can
keeps tracking the amplitude of memory EMR for each I i to maintain cache hit rate above 90%. Moreover, due to the high
build the baseline set. To prevent memory EMRs caused by bus bandwidth of modern memory (ranging from a couple
network activity from polluting the baseline set, EarFisher of GB/s of DDR to tens of GB/s of DDR4), the data transfer
purges signals captured in the presence of ongoing network caused by normal memory workload typically completes in
traffic, and then stitches remaining signals into FFT windows. very short time, producing only intermittent bursts of memory
Statistical hypothesis testing. EarFisher then compares the EMRs. As an example, Fig. 10 shows the time-varying ampli-
stimulus and baseline set using a statistical hypothesis test tude of memory EMR measured on a laptop running Ubuntu
called t-test, which is widely used to decide whether a drug 18.04 and Windows 10 with no other programs. We observe
has had a significant effect on the studied population. A t-test that the operating systems alone yield noticeable variance of
takes the means, variances, and the number of samples of the memory EMR. In contrast, consistent writing of memory can
two compared sets, and then computes a t-value as follows, easily erase the variance, presenting a distinguishable pattern.
µstimulus − µreference Exploiting the dilemma. To detect eavesdroppers who de-
t=q , (3) liberately write memory to mask response to traffic stimuli,
σstimulus σreference
nstimulus + nreference EarFisher complements the detector proposed in section 6.3
with an auxiliary detector to inspect abnormal EMR pattern
where µ and σ are the mean and variance of a set, respectively; caused by deliberate writing.
n is the number of samples, which determines the degrees of The auxiliary detector uses the variance of normalized
freedom of the test. memory EMR amplitude as a feature to investigate if the base-
Once the t-value and degrees of freedom are determined, a line set has been polluted by deliberate writing. However, be-
p-value can be calculated. A large positive p-value is an evi- cause measuring memory EMR requires a large FFT window
dence that µstimulus is significantly larger than µref . EarFisher to suppress noise, obtaining a fine-grained estimation of EMR
880 18th USENIX Symposium on Networked Systems Design and Implementation USENIX Association
(a) Ubuntu 18.04, mean = 0.14, var = 0.35. 7 Evaluation
1
Normalized
0.8
Power
0.6
This section evaluates the performance of EarFisher in an
0.4 802.11n network. The current prototype of EarFisher employs
0.2 BladeRF [3] to sense memory EMRs. To generate stimulus
0 traffic, EarFisher replays the recorded traffic of YouTube page
(b) Windows 10, mean = 0.68, var = 0.33.
download at about 10 MB/s in its local stimulator network.
1
Normalized
USENIX Association 18th USENIX Symposium on Networked Systems Design and Implementation 881
1 1 1 EV 1 EV
0.9 0.9 0.9 LR 0.9 LR
0.8 0.8 0.8 0.8
p-value
p-value
p-value
p-value
0.7 EV 0.7 EV 0.7 0.7
LR LR
0.6 0.6 0.6 0.6
0.5 0.5 0.5 0.5
0.4 0.4 0.4 0.4
16 20 24 28 32 16 20 24 28 32 0.5 0.6 0.7 0.8 0.9 1 0.5 0.6 0.7 0.8 0.9 1
Attenuation (dB) Attenuation (dB) Channel Busy Ratio Channel Busy Ratio
Figure 11: The p-values for the eavesdropper (EV) and the Figure 13: The impact of network traffic (left:DDR3,
legitimate receiver (LR) as a function of EMR attenuation right:DDR4).
(left: DDR3, right: DDR4). As shown in Fig. 12, compared with the results shown
in Fig. 11, the attenuation resistance of EarFisher degrades
1 1
0.9 0.9
by less than 1 dB and 5 dB when the eavesdroppers run
0.8 0.8 Wireshark and VLC, respectively. VLC imposes a higher
p-value
p-value
p-value
EV EV will impact the baseline and stimulus set uniformly, hence the
0.7 0.7 results of statistical test will remain unbiased.
LR LR
0.6 0.6
0.5 0.5
Although we focus on only two representative applications
0.4 0.4 in this experiment, we note that the interference caused by
memory workload can be generally quantified using the busy
16 20 24 28 32 16 20 24 28 32
Attenuation (dB) Attenuation (dB) ratio of memory bus. We will study EarFisher’s performance
(b) VLC media player. as a function of memory busy ratio in section 7.2.
Figure 12: The impact of memory workloads (left: DDR3, Network traffic. To study the impact of network traffic, we
right: DDR4). employ two additional 802.11n nodes to inject normal net-
work traffic using iPerf [5]. In this experiment, we place eaves-
30 m and 24 m, respectively. When the amount of attenua- droppers at 10m away from the EarFisher’s detector. We then
tion further increases, the p-value for eavesdropper begins to compare the p-values for eavesdroppers and legitimate re-
decrease, as the surge of eavesdropper’s memory EMR corre- ceivers in the presence of different volumes of network traffic.
sponding to the response to stimuli is gradually submerged by We use channel busy ratio to quantify the interference pro-
noise. We note that DDR3 is more resistant to attenuation than duced by normal network traffic, because absolute volume
DDR4 because of the stronger EMR attributed to the higher can be misleading when characterizing interference intensity
operating voltage. In comparison, the p-value of legitimate in wireless networks of different data rates.
receivers fluctuates in between 0.4 to 0.6 consistently despite As shown in Fig. 13, we observe that the detection perfor-
the increase of attenuation. The results indicate that, if the mance of EarFisher is reliable as long as the channel busy
user chooses a p-value threshold of 0.9, then EarFisher will ratio is below 73%. As channel busy ratio further increases, it
detect all DDR3 and DDR4 eavesdroppers before attenuation becomes increasingly difficult to profile a clean baseline set
reaches 29 dB and 21 dB while without miss-classifying any not affected by network traffic. As a result, the p-value of the
legitimate receivers as eavesdroppers. eavesdropper will begin to degrade.
System memory workload. Memory EMR produced by sys- Coexisting devices. We next evaluate EarFisher in a crowded
tem memory workload will pollute the baseline profiled by environment where devices having the same memory fre-
EarFisher and thus will affect the result of statistical test. To quency introduce interfering memory EMRs. We place the
study the impact of system memory workload, we let the lap- DDR3 eavesdropper in a library computer room that has 40
tops run two representative applications, including Wireshark identical desktops, all having the same memory frequency as
– a widely used packet analyzer, and VLC media player, which the eavesdropper. We then turn on desktops one by one and
reads memory intensively to load a high-definition video. study the impact on EarFisher’s performance.
882 18th USENIX Symposium on Networked Systems Design and Implementation USENIX Association
1 7.3 A Deployment Case
0.8
p-value
p-value
0.6 0.6 As shown in Fig. 17, when the p-value threshold is set to
0.4 0.4 0.75, 8 of 9 DDR3 and 7 of 9 DDR4 eavesdroppers can be
0.2 EV 0.2 EV detected by at least one of the three EarFisher nodes with a
0 CM 0 CM recall higher than 90% while incurring no false alarms. In
0.5 0.6 0.7 0.8 0.9 1 0.5 0.6 0.7 0.8 0.9 1 particular, eavesdroppers at location B and C can be accu-
Mem Busy Ratio Mem Busy Ratio rately detected by EarFisher deployed at S3 and S2, despite
the block of doors and walls. When the p-value threshold
Figure 15: The p-values of the eavesdropper (EV) and the
is relaxed to 0.6, the recall for the DDR4 eavesdropper at
countermeasure (CM) detectors under different memory busy
location F increases from 0% to 83%. However, this is at the
ratios (left: DDR3, right: DDR4).
cost of slightly reducing the precision from 100% to 94% and
Fig. 14 compares the p-values for eavesdropper and legiti- 97% at location A and B, respectively. We find that location G
mate receiver as the number of coexisting desktops increases. demonstrates as a blind spot due to severe EMR attenuation.
We observe that EarFisher is fairly resistant to the interfer- We note that the performance of EarFisher can be further
ence of coexisting devices. Even when all 40 desktops are improved by leveraging advanced radio equipment such as
active simultaneously, the p-value for eavesdropper remains high-gain LNA, better planing the deployment of EarFisher,
higher than 0.8, while the p-value of legitimate receiver fluc- or deploying more EarFisher nodes.
tuates around 0.5. This should be attributed to the diversity of
memory clock fingerprint, which allows EarFisher to separate
the memory EMRs of different devices. 8 Discussion
USENIX Association 18th USENIX Symposium on Networked Systems Design and Implementation 883
DDR3, p-value threshold = 0.75 DDR4, p-value threshold = 0.75 DDR4, p-value threshold = 0.60
S1 S2 S3 S1 S2 S3 S1 S2 S3
Rc Pr Rc Pr Rc Pr Rc Pr Rc Pr Rc Pr Rc Pr Rc Pr Rc Pr
A 0 0 0.34 1.00 1.00 1.00 0 0 0 0 1.00 1.00 0 0 0.52 1.00 1.00 0.94
B 0 0 0.05 1.00 1.00 1.00 0 0 0 0 0.93 1.00 0 0 0.07 1.00 1.00 0.97
C 1.00 1.00 1.00 1.00 0 0 0 0 0.90 1.00 0 0 0.63 1.00 1.00 1.00 0 0
D 1.00 1.00 0 0 0 0 1.00 1.00 0 0 0 0 1.00 1.00 0 0 0 0
E 1.00 1.00 0.97 1.00 0 0 1.00 1.00 0 0 0 0 1.00 1.00 0 0 0 0
F 1.00 1.00 0 0 0 0 0 0 0 0 0 0 0.83 0.96 0 0 0 0
G 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
H 0.57 1.00 1.00 1.00 0 0 0 0 1.00 1.00 0 0 0.61 1.00 1.00 1.00 0 0
Figure 16: Testbed de- I 0.12 1.00 1.00 1.00 0 0 0 0 1.00 1.00 0 0 0 0 1.00 1.00 0 0
ployment.
Figure 17: The recall (Re) and precision (Pr) for eavesdroppers deployed at different locations.
Weaponizing low-power wireless. Eavesdroppers may cir- Low rate wireless networks. Experiment results shown in
cumvent EarFisher’s sensing by repurposing low-power wire- Fig. 4 suggest that a traffic stimulus of as slow as 2 MB/s
less devices. As an example, ESP8266 [33] – a Wi-Fi enabled suffice to trigger the eavesdropper’s response. Unfortunately,
IoT – has a microcontroller that directly controls Wi-Fi chip this is still beyond the maximum data rate of many low-power
via UART, thus avoiding strong memory EMR when receiv- wireless networks such as ZigBee. However, we expect that
ing packets. However, such low-power architectural features EarFisher will achieve better detection performance in the
typically limit the computation and storage capability of IoTs, coming generation of high-rate wireless networks such as
making them ill-suited for security-intrusive tasks. For ex- IEEE 802.11ax, which features GB/s level data rate, thus
ample, the on-board memory of ESP8266 is only 32 KiB for allowing for traffic stimuli of much higher intensities.
instruction and 80 KiB for data. In comparison, to crack a Blind spots. Eavesdroppers knowing the deployment of Ear-
WEP key, the attacker needs to perform a computation over Fisher may exploit locations subject to severe EM attenua-
millions of encrypted packets [14]. As a result, to work as a tion, such as room G shown in Fig. 16. Another example
full-fledged eavesdropper, low-power wireless devices have is to deploy eavesdroppers as hidden terminals, where the
to rely on a host, which will leak strong memory EMR that eavesdropper can hear the packets of a transmitter-of-interest,
can be captured by EarFisher. but is at a location relatively distant to EarFisher, such that
Physical shielding. A physical method to mitigate response the memory EMR cannot be accurately sensed. Such blind
is to shield eavesdropper’s memory bus to attenuate EMR. spots of detection can be mitigated by extending the coverage
However, unlike shielding external emanation sources such of EarFisher. Possible methods include but not limited to us-
as monitor cables, shielding memory bus can be prohibitively ing high-gain LNA, leveraging advanced signal processing
challenging and expensive. such as blind beamforming [12], or deploying more EarFisher
nodes to monitor the area-of-interest.
8.2 Limitations
9 Conclusion
Excessive verdicts. By EarFisher’s detection methodology,
any device that digests others’ packets in CPU-memory sys- This paper presents EarFisher – a system that detects wireless
tem will be convicted of eavesdropping. Unfortunately, it is eavesdroppers by stimulating and sensing memory EMRs.
difficult, if not impossible, to differentiate benign or mali- Experiment results show that EarFisher accurately detects
cious use of other’s packets. As a result, all software radios eavesdroppers despite poor signal conditions and the interfer-
will be identified as eavesdroppers as long as they transfer ence of normal network traffic, system memory workloads,
baseband signals to a host or process signals on board, both and the interfering EMRs emitted by coexisting devices. We
will emit strong memory EMRs. This is harsh but reasonable, believe EarFisher provides an important block for building
because software radios process other devices’ signal (albeit secure wireless networks. Incorporating EarFisher in wireless
such processing may be only at the PHY layer) in an intrusted security protocols, such as to verify the confidentiality of key
context with rich storage and computational resources capable establishment, remains an important problem for future work.
of security- and privacy-intrusive tasks.
Besides software radios, recent wireless sensing and com- Acknowledgments
munication primitives such as backscatter [20] and localiza-
tion [6, 38], may require Wi-Fi NICs to operate in monitor We are grateful to NSDI reviewers and our shepherd, Andreas
mode. To authenticate these applications, a possible method Haeberlen, for their insightful comments. This research was
is to register legal eavesdropping devices a priori, and then let supported, in part, by funds from BvTech S.p.A. and the mem-
EarFisher count the number of eavesdroppers to determine bers of the Cybersecurity at MIT Sloan (CAMS) consortium
the presence of illegitimate ones. (https://cams.mit.edu)
884 18th USENIX Symposium on Networked Systems Design and Implementation USENIX Association
References [15] Karine Gandolfi, Christophe Mourtel, and Francis
Olivier. Electromagnetic analysis: Concrete results. In
[1] Aircrack-ng. https://aircrack-ng.org. International Workshop on Cryptographic Hardware
and Embedded Systems (CHES), 2001.
[2] Alexa topsites. https://www.alexa.com/topsites.
[16] Daniel Genkin, Lev Pachmanov, Itamar Pipman, Eran
[3] Bladerf. https://www.nuand.com. Tromer, and Yuval Yarom. Ecdsa key extraction from
mobile devices via nonintrusive physical side channels.
[4] httparchive. https://httparchive.org/. In ACM SIGSAC Conference on Computer and Commu-
nications Security (CCS), 2016.
[5] Iperf. https://iperf.fr/.
[17] Mordechai Guri, Assaf Kachlon, Ofer Hasson, Gabi
[6] Fadel Adib, Zachary Kabelac, and Dina Katabi. Multi- Kedma, Yisroel Mirsky, and Yuval Elovici. Gsmem:
person localization via rf body reflections. In USENIX Data exfiltration from air-gapped computers over gsm
Symposium on Networked Systems Design and Imple- frequencies. In USENIX Security Symposium, 2015.
mentation (NSDI), 2015.
[18] Yi Han, Sriharsha Etigowni, Hua Liu, Saman Zonouz,
[7] Dakshi Agrawal, Bruce Archambeault, Josyula R. Rao, and Athina Petropulu. Watch me, but don’t touch me!
and Pankaj Rohatgi. The em side-channel(s). In In- contactless control flow monitoring via electromagnetic
ternational Workshop on Cryptographic Hardware and emanations. In ACM SIGSAC Conference on Computer
Embedded Systems (CHES), 2002. and Communications Security (CCS), 2017.
[14] Scott R. Fluhrer, Itsik Mantin, and Adi Shamir. Weak- [26] Sanghoon Park, Lawrence E Larson, and Laurence B
nesses in the key scheduling algorithm of rc4. In Annual Milstein. Hidden mobile terminal device discovery in
International Workshop on Selected Areas in Cryptog- a uwb environment. In IEEE International Conference
raphy, 2001. on Ultra-Wideband, 2006.
USENIX Association 18th USENIX Symposium on Networked Systems Design and Implementation 885
[27] Sanghoon Park, Lawrence E Larson, and Laurence B jeev Agarwal. Detection of super-regenerative receivers
Milstein. An rf receiver detection technique for cogni- using hurst parameter. IEEE Transactions on Instrumen-
tive radio coexistence. IEEE Transactions on Circuits tation and Measurement, 2013.
and Systems, 2010.
[28] V. Paxson and S. Floyd. Wide area traffic: the failure [35] Mathy Vanhoef and Frank Piessens. Key reinstallation
of poisson modeling. IEEE/ACM Transactions on Net- attacks: Forcing nonce reuse in wpa2. In ACM SIGSAC
working, 1995. Conference on Computer and Communications Security
(CCS), 2017.
[29] Nader Sehatbakhsh, Alireza Nazari, Haider Khan,
Alenka Zajic, and Milos Prvulovic. Emma: Hard-
ware/software attestation framework for embedded sys- [36] Ben Wild and Kannan Ramchandran. Detecting primary
tems using electromagnetic signals. In IEEE/ACM In- receivers for cognitive radio applications. In The IEEE
ternational Symposium on Microarchitecture (Micro), International Symposium on Dynamic Spectrum Access
2019. Networks (DySPAN), 2005.
[33] Expressif Systems. Esp8266 overview. https://www. [39] Ruogu Zhou, Yongping Xiong, Guoliang Xing, Limin
espressif.com/products/socs/esp8266/. Sun, and Jian Ma. Zifi: wireless lan discovery via zigbee
interference signatures. In ACM International Confer-
[34] Vivek Thotla, Mohammad Tayeb Ahmad Ghasr, Ma- ence on Mobile Computing and Networking (MobiCom),
ciej J Zawodniok, Sarangapani Jagannathan, and San- 2010.
886 18th USENIX Symposium on Networked Systems Design and Implementation USENIX Association