Visible to the public Securing PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication

TitleSecuring PKES against Relay Attacks using Coordinate Tracing and Multi-Factor Authentication
Publication TypeConference Paper
Year of Publication2019
AuthorsRizvi, Syed, Imler, Jarrett, Ritchey, Luke, Tokar, Michael
Conference Name2019 53rd Annual Conference on Information Sciences and Systems (CISS)
Date Publishedmar
Keywordsamplified relay attack, attacks, authentication, automobile security, automotive electronics, Bluetooth, Bluetooth communication channel, CAR security, coordinate tracing, entry access system, Human Behavior, human factors, Key Bearing algorithm, keys (locking), Metrics, multifactor authentication, passive keyless entry and start system, pattern locks, PKES Forcefield movement-tracing, PKES system, pubcrawl, Resiliency, Scalability, security, Start System, telecommunication channels, threats, tracing system, vehicle sensors
Abstract

In most produced modern vehicles, Passive Keyless Entry and Start System (PKES), a newer form of an entry access system, is becoming more and more popular. The PKES system allows the consumer to enter within a certain range and have the vehicle's doors unlock automatically without pressing any buttons on the key. This technology increases the overall convenience to the consumer; however, it is vulnerable to attacks known as relay and amplified relay attacks. A relay attack consists of placing a device near the vehicle and a device near the key to relay the signal between the key and the vehicle. On the other hand, an amplified relay attack uses only a singular amplifier to increase the range of the vehicle sensors to reach the key. By exploiting these two different vulnerabilities within the PKES system, an attacker can gain unauthorized access to the vehicle, leading to damage or even stolen property. To minimize both vulnerabilities, we propose a coordinate tracing system with an additional Bluetooth communication channel. The coordinate tracing system, or PKES Forcefield, traces the authorized key's longitude and latitude in real time using two proposed algorithms, known as the Key Bearing algorithm and the Longitude and Latitude Key (LLK) algorithm. To further add security, a Bluetooth communication channel will be implemented. With an additional channel established, a second frequency can be traced within a secondary PKES Forcefield. The LLK Algorithm computes both locations of frequencies and analyzes the results to form a pattern. Furthermore, the PKES Forcefield movement-tracing allows a vehicle to understand when an attacker attempts to transmit an unauthenticated signal and blocks any signal from being amplified over a fixed range.

DOI10.1109/CISS.2019.8692790
Citation Keyrizvi_securing_2019