当前位置:
X-MOL 学术
›
ACM Trans. Priv. Secur.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
The System That Cried Wolf
ACM Transactions on Privacy and Security ( IF 2.3 ) Pub Date : 2020-06-12 , DOI: 10.1145/3393926 Hocheol Shin 1 , Juhwan Noh 1 , Dohyun Kim 1 , Yongdae Kim 1
ACM Transactions on Privacy and Security ( IF 2.3 ) Pub Date : 2020-06-12 , DOI: 10.1145/3393926 Hocheol Shin 1 , Juhwan Noh 1 , Dohyun Kim 1 , Yongdae Kim 1
Affiliation
Fire alarm and signaling systems are a networked system of fire detectors, fire control units, automated fire extinguishers, and fire notification appliances. Malfunction of these safety-critical cyber-physical systems may lead to chaotic evacuations, property damage, and even loss of human life. Therefore, reliability is one of the most crucial factors for fire detectors. Indeed, even a single report of a fire cannot be ignored, considering the importance of early fire detection and suppression. In this article, we show that wide-area smoke detectors, which are globally installed in critical infrastructures such as airports, sports facilities, and auditoriums, have significant vulnerabilities in terms of reliability; one can remotely and stealthily induce false fire alarms and suppress real fire alarms with a minimal attacker capability using simple equipment. The practicality and generalizability of these vulnerabilities has been assessed based on the demonstration of two types of sensor attacks on two commercial off-the-shelf optical beam smoke detectors from different manufacturers. Further, the practical considerations of building stealthy attack equipment has been analyzed, and an extensive survey of almost all optical beam smoke detectors on the market has been conducted. In addition, we show that the current standards of the fire alarm network connecting the detector and a control unit exacerbate the problem, making it impossible or very difficult to mitigate the threats we found. Finally, we discuss hardware- and software-based possible countermeasures for both wide-area smoke detectors and the fire alarm network; the effectiveness of one of the countermeasures is experimentally evaluated.
中文翻译:
叫狼来了的系统
火灾报警和信号系统是火灾探测器、火灾控制单元、自动灭火器和火灾通知设备的联网系统。这些对安全至关重要的网络物理系统的故障可能会导致混乱的疏散、财产损失,甚至人员伤亡。因此,可靠性是火灾探测器最关键的因素之一。事实上,考虑到早期火灾探测和扑灭的重要性,即使是单一的火灾报告也不容忽视。在本文中,我们展示了全球安装在机场、体育设施和礼堂等关键基础设施中的广域烟雾探测器在可靠性方面存在重大漏洞;人们可以使用简单的设备,以最小的攻击者能力远程隐蔽地诱发虚假火警并抑制真正的火警。这些漏洞的实用性和普遍性已经基于对来自不同制造商的两个商用现成光束烟雾探测器的两种类型传感器攻击的演示进行了评估。此外,还分析了构建隐身攻击设备的实际考虑因素,并对市场上几乎所有的光束烟雾探测器进行了广泛的调查。此外,我们表明,连接探测器和控制单元的火灾报警网络的当前标准加剧了问题,使得我们无法或非常难以减轻我们发现的威胁。最后,我们讨论了基于硬件和软件的广域烟雾探测器和火警网络的可能对策;对其中一种对策的有效性进行了实验评估。
更新日期:2020-06-12
中文翻译:
叫狼来了的系统
火灾报警和信号系统是火灾探测器、火灾控制单元、自动灭火器和火灾通知设备的联网系统。这些对安全至关重要的网络物理系统的故障可能会导致混乱的疏散、财产损失,甚至人员伤亡。因此,可靠性是火灾探测器最关键的因素之一。事实上,考虑到早期火灾探测和扑灭的重要性,即使是单一的火灾报告也不容忽视。在本文中,我们展示了全球安装在机场、体育设施和礼堂等关键基础设施中的广域烟雾探测器在可靠性方面存在重大漏洞;人们可以使用简单的设备,以最小的攻击者能力远程隐蔽地诱发虚假火警并抑制真正的火警。这些漏洞的实用性和普遍性已经基于对来自不同制造商的两个商用现成光束烟雾探测器的两种类型传感器攻击的演示进行了评估。此外,还分析了构建隐身攻击设备的实际考虑因素,并对市场上几乎所有的光束烟雾探测器进行了广泛的调查。此外,我们表明,连接探测器和控制单元的火灾报警网络的当前标准加剧了问题,使得我们无法或非常难以减轻我们发现的威胁。最后,我们讨论了基于硬件和软件的广域烟雾探测器和火警网络的可能对策;对其中一种对策的有效性进行了实验评估。
京公网安备 11010802027423号