In the advent of the Internet of Things (IoT), smart systems, wearable devices, and other technological inventions, our collective future is likely to be full of wireless communicating devices. Anywhere on Earth, at any time, there will be a vast number of sensors and embedded computing processors capable of wireless communication using a variety of technologies and communication protocols such as Bluetooth, Bluetooth Low Energy (also commonly referred to as “BLE” or “Bluetooth LE”), Wi-Fi, Zigbee, Cellular, etc. Despite not being connected with interconnection wires, these devices may constantly be receiving and transmitting data over the air.
Being wirelessly connected means more flexibility in the placement of devices, and further, these devices may even be mobile. This leads the trend towards wireless systems and environments: more and more of the communication between people and between devices will utilize wireless transmissions. However, from a cyber security point of view, this also means a higher vulnerability to attacks because of two related reasons. First, it is easier for an attacker to “tap in” to wireless communications as it need not be physically wired to a common interconnect, but instead merely needs to listen/talk using a common communication protocol and channels/frequencies. Second, just like the intended recipient, an attacker may also listen to wireless communication from a distance. In a sense, the flexibility and ease of communication in wireless systems is also making it easier for prospective attackers to attack.
In any environment, some devices may be (or may become) hostile and even malicious, e.g., they may be configured and/or programmed to collect information about individuals, to intercept private communications, to intervene in transmissions, to serve as bridges for attacks targeting other devices, to create noise, to flood services with queries in order to prevent them from serving other legitimate queries, to disrupt benign communication, to redirect benign transmissions so that the attacking device becomes a mediator between communicating targets (e.g., man-in-the-middle (MITM) attacks), to inject packets into benign sessions to exploit protocol weaknesses, etc. In fact, the number of wireless attacks appears to be enormous, continues to grow, and their sophistication only increases over time.
Accordingly, techniques for protecting devices (and locations/environments) utilizing wireless communications from potentially malicious actors are strongly desired.