DARPA Wants To Protect Your Refrigerator From Hackers

This system could protect all the IoT devices in your home

Photo Illustration: R. A. Di Ieso
Aug 09, 2016 at 11:33 AM ET

If you’ve bought a new appliance over the last couple years, there’s a chance it’s an internet-connected device that is vulnerable to hacking. Now the Pentagon is trying to develop technology that will secure those smart refrigerators, connected thermostats, and app-integrated baby monitors.

Georgia Institute of Technology has announced that the Defense Advanced Research Projects Agency (DARPA) has granted the university $9.4 million to build a system that can monitor Internet of Things (IoT) devices. Researchers from the Georgia Tech School of Computer Science and School of Electrical and Computer Engineering will be working with a team from Northrop Grumman to develop the technology.

IoT industry experts have forecasted that there could be anywhere between 20 billion to 200 billion connected devices in use by 2020. But amidst this boom, cybersecurity advancements haven’t kept up. A 2014 Hewlett-Packard study showed that 70 percent of common IoT devices were vulnerable to hacking and a recent report from Business Insider on the IoT cybersecurity landscape shows that matters haven’t gotten much better in the last couple years, as “many IoT device manufacturers and service providers are failing to implement common security measures in their products.” This is partially because many of the appliances companies entering this field aren’t giving proper attention to security and partially because this stripped-down, ubiquitous technology doesn’t have enough power to run the same beefed-up malware protection you have on your computer.

You might not worry about someone hacking your toaster or washing machine, but those appliances can be a portal to other devices that store more sensitive information. And there are other smart appliances that you probably don’t want a hacker to access—like your your locks or security cameras. If you want to see just how easy it is to access someone else’s devices, just peruse through Shodan, the search engine for unprotected IoT devices, like webcams.

Now, DARPA is stepping up to help keep America’s appliances safe by funding research on efficient ways to protect smart tech. The latest project, known as CAMELIA (Computational Activity Monitoring by Externally Leveraging Involuntary Analog Signals), will focus on developing a technique to efficiently monitor IoT device thermal emissions without interfering with the device’s functions.

To do this the researchers want to build a system that creates a database of a device’s low-power electronic signals, aka side-channel emissions where information “leaks” out. Once this “before” record is compiled, then the system can run continuous scans that detect if anything has changed.

“If somebody inserts something into the program loop, the peaks in the spectrum will shift and we can detect that,” said Alenka Zajic, CAMELIA’s principal investigator and assistant professor at the Georgia Tech School of Electrical and Computer Engineering, in a statement. “This is something that we can monitor in real time using advanced pattern-matching technology that uses machine learning to improve its performance.”

Currently, Georgia Tech has technology that can read these side-channel emissions from about 20 inches away. Eventually they expect to be able to read the signals from about 10 feet away. This means that a single device could monitor all the IoT devices within a room.

The CAMELIA project will be in development for four years, but there’s no telling how long before this technology could become available for civilian use. Until then, you might want to limit your use of smart home appliances. Sometimes a dumb home is a safe home.