Securing PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication

Syed S. Rizvi, Jarrett Imler, Luke Ritchey, Michael Tokar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In most produced modern vehicles, Passive Keyless Entry and Start System (PKES), a newer form of an entry access system, is becoming more and more popular. The PKES system allows the consumer to enter within a certain range and have the vehicle's doors unlock automatically without pressing any buttons on the key. This technology increases the overall convenience to the consumer; however, it is vulnerable to attacks known as relay and amplified relay attacks. A relay attack consists of placing a device near the vehicle and a device near the key to relay the signal between the key and the vehicle. On the other hand, an amplified relay attack uses only a singular amplifier to increase the range of the vehicle sensors to reach the key. By exploiting these two different vulnerabilities within the PKES system, an attacker can gain unauthorized access to the vehicle, leading to damage or even stolen property. To minimize both vulnerabilities, we propose a coordinate tracing system with an additional Bluetooth communication channel. The coordinate tracing system, or PKES Forcefield, traces the authorized key's longitude and latitude in real time using two proposed algorithms, known as the Key Bearing algorithm and the Longitude and Latitude Key (LLK) algorithm. To further add security, a Bluetooth communication channel will be implemented. With an additional channel established, a second frequency can be traced within a secondary PKES Forcefield. The LLK Algorithm computes both locations of frequencies and analyzes the results to form a pattern. Furthermore, the PKES Forcefield movement-tracing allows a vehicle to understand when an attacker attempts to transmit an unauthenticated signal and blocks any signal from being amplified over a fixed range.

Original languageEnglish (US)
Title of host publication2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781728111513
DOIs
StatePublished - Apr 16 2019
Event53rd Annual Conference on Information Sciences and Systems, CISS 2019 - Baltimore, United States
Duration: Mar 20 2019Mar 22 2019

Publication series

Name2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019

Conference

Conference53rd Annual Conference on Information Sciences and Systems, CISS 2019
CountryUnited States
CityBaltimore
Period3/20/193/22/19

Fingerprint

Authentication
Bluetooth
Bearings (structural)
Sensors

All Science Journal Classification (ASJC) codes

  • Information Systems

Cite this

Rizvi, S. S., Imler, J., Ritchey, L., & Tokar, M. (2019). Securing PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication. In 2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019 [8692790] (2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CISS.2019.8692790
Rizvi, Syed S. ; Imler, Jarrett ; Ritchey, Luke ; Tokar, Michael. / Securing PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication. 2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019. Institute of Electrical and Electronics Engineers Inc., 2019. (2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019).
@inproceedings{13567ac7b9544447b91d9011d13fe994,
title = "Securing PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication",
abstract = "In most produced modern vehicles, Passive Keyless Entry and Start System (PKES), a newer form of an entry access system, is becoming more and more popular. The PKES system allows the consumer to enter within a certain range and have the vehicle's doors unlock automatically without pressing any buttons on the key. This technology increases the overall convenience to the consumer; however, it is vulnerable to attacks known as relay and amplified relay attacks. A relay attack consists of placing a device near the vehicle and a device near the key to relay the signal between the key and the vehicle. On the other hand, an amplified relay attack uses only a singular amplifier to increase the range of the vehicle sensors to reach the key. By exploiting these two different vulnerabilities within the PKES system, an attacker can gain unauthorized access to the vehicle, leading to damage or even stolen property. To minimize both vulnerabilities, we propose a coordinate tracing system with an additional Bluetooth communication channel. The coordinate tracing system, or PKES Forcefield, traces the authorized key's longitude and latitude in real time using two proposed algorithms, known as the Key Bearing algorithm and the Longitude and Latitude Key (LLK) algorithm. To further add security, a Bluetooth communication channel will be implemented. With an additional channel established, a second frequency can be traced within a secondary PKES Forcefield. The LLK Algorithm computes both locations of frequencies and analyzes the results to form a pattern. Furthermore, the PKES Forcefield movement-tracing allows a vehicle to understand when an attacker attempts to transmit an unauthenticated signal and blocks any signal from being amplified over a fixed range.",
author = "Rizvi, {Syed S.} and Jarrett Imler and Luke Ritchey and Michael Tokar",
year = "2019",
month = "4",
day = "16",
doi = "10.1109/CISS.2019.8692790",
language = "English (US)",
series = "2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
booktitle = "2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019",
address = "United States",

}

Rizvi, SS, Imler, J, Ritchey, L & Tokar, M 2019, Securing PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication. in 2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019., 8692790, 2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019, Institute of Electrical and Electronics Engineers Inc., 53rd Annual Conference on Information Sciences and Systems, CISS 2019, Baltimore, United States, 3/20/19. https://doi.org/10.1109/CISS.2019.8692790

Securing PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication. / Rizvi, Syed S.; Imler, Jarrett; Ritchey, Luke; Tokar, Michael.

2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019. Institute of Electrical and Electronics Engineers Inc., 2019. 8692790 (2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Securing PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication

AU - Rizvi, Syed S.

AU - Imler, Jarrett

AU - Ritchey, Luke

AU - Tokar, Michael

PY - 2019/4/16

Y1 - 2019/4/16

N2 - In most produced modern vehicles, Passive Keyless Entry and Start System (PKES), a newer form of an entry access system, is becoming more and more popular. The PKES system allows the consumer to enter within a certain range and have the vehicle's doors unlock automatically without pressing any buttons on the key. This technology increases the overall convenience to the consumer; however, it is vulnerable to attacks known as relay and amplified relay attacks. A relay attack consists of placing a device near the vehicle and a device near the key to relay the signal between the key and the vehicle. On the other hand, an amplified relay attack uses only a singular amplifier to increase the range of the vehicle sensors to reach the key. By exploiting these two different vulnerabilities within the PKES system, an attacker can gain unauthorized access to the vehicle, leading to damage or even stolen property. To minimize both vulnerabilities, we propose a coordinate tracing system with an additional Bluetooth communication channel. The coordinate tracing system, or PKES Forcefield, traces the authorized key's longitude and latitude in real time using two proposed algorithms, known as the Key Bearing algorithm and the Longitude and Latitude Key (LLK) algorithm. To further add security, a Bluetooth communication channel will be implemented. With an additional channel established, a second frequency can be traced within a secondary PKES Forcefield. The LLK Algorithm computes both locations of frequencies and analyzes the results to form a pattern. Furthermore, the PKES Forcefield movement-tracing allows a vehicle to understand when an attacker attempts to transmit an unauthenticated signal and blocks any signal from being amplified over a fixed range.

AB - In most produced modern vehicles, Passive Keyless Entry and Start System (PKES), a newer form of an entry access system, is becoming more and more popular. The PKES system allows the consumer to enter within a certain range and have the vehicle's doors unlock automatically without pressing any buttons on the key. This technology increases the overall convenience to the consumer; however, it is vulnerable to attacks known as relay and amplified relay attacks. A relay attack consists of placing a device near the vehicle and a device near the key to relay the signal between the key and the vehicle. On the other hand, an amplified relay attack uses only a singular amplifier to increase the range of the vehicle sensors to reach the key. By exploiting these two different vulnerabilities within the PKES system, an attacker can gain unauthorized access to the vehicle, leading to damage or even stolen property. To minimize both vulnerabilities, we propose a coordinate tracing system with an additional Bluetooth communication channel. The coordinate tracing system, or PKES Forcefield, traces the authorized key's longitude and latitude in real time using two proposed algorithms, known as the Key Bearing algorithm and the Longitude and Latitude Key (LLK) algorithm. To further add security, a Bluetooth communication channel will be implemented. With an additional channel established, a second frequency can be traced within a secondary PKES Forcefield. The LLK Algorithm computes both locations of frequencies and analyzes the results to form a pattern. Furthermore, the PKES Forcefield movement-tracing allows a vehicle to understand when an attacker attempts to transmit an unauthenticated signal and blocks any signal from being amplified over a fixed range.

UR - http://www.scopus.com/inward/record.url?scp=85065182331&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85065182331&partnerID=8YFLogxK

U2 - 10.1109/CISS.2019.8692790

DO - 10.1109/CISS.2019.8692790

M3 - Conference contribution

AN - SCOPUS:85065182331

T3 - 2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019

BT - 2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Rizvi SS, Imler J, Ritchey L, Tokar M. Securing PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication. In 2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019. Institute of Electrical and Electronics Engineers Inc. 2019. 8692790. (2019 53rd Annual Conference on Information Sciences and Systems, CISS 2019). https://doi.org/10.1109/CISS.2019.8692790