LAUSR

Physical layer covert channels exploit the characteristics of radio signals to convey secret messages while remaining inconspicuous within wireless channels. With specifically designed modulation schemes, covert channels effectively disguise secret messages as noise. Since the intentionally embedded noise dissipates when the radio signal is decoded as a bitstream, adversaries can maintain a stealthy breach in communication systems. IoT devices, particularly, often utilize vendor-specific firmware and hardware whose security verification is too complex for everyday users. Hence, these devices can easily be compromised to transmit their data to unauthorized adversaries via the covert channels. To this end, we propose a novel countermeasure system, Ghost-Fi Detector, which detects the covert channels reliably and comprehensively. Our attack models reflect a real-world wireless network technology, Wi-Fi, and cover three aspects of its radio signal characteristics including amplitude, phase, and frequency. Since each model induces distinct manifestations in the received signal, there is no dominant universal detection mechanism that detects all the attack models simultaneously. Instead, Ghost-Fi detector consists of six precisely designed complementary defense mechanisms that perform passive radio-frequency analyses. Evaluation results show that Ghost-Fi Detector achieves an average hit rate of 95% with an almost zero false-positive rate for arbitrary Wi-Fi frames.