This thesis investigates security issues in the wireless medium surrounding many
of today’s modern devices. Devices with analog sensors that measure physical
processes also have circuits that amplify the signal before it is converted into a digital
format for processing and communication. Because they use low-voltage signals, those
analog input circuits are sensitive to electromagnetic interference (EMI). This work
investigates the use of EMI as a method of signal injection into the device. The analog
inputs are typically not checked for forged waveforms and can be manipulated wirelessly
by an attacker. The fundamental vulnerability of those circuits is explored and bounds
are derived for the attack. Solutions are proposed for classes of devices depending on
their individual constraints.
The next part of this work looks at a subset of wireless communication protocols
used by devices, focusing on integrated clinical environments. A corresponding list of
security requirements is proposed and used to evaluate currently available standards,
revealing large gaps. This section concludes by proposing a direction for composing
secure integrated clinical environments based on the requirement list.
On a larger scale, this thesis analyzes wireless cellular GSM networks. It first reveals
location information leaks on the air interface due to the broadcast methods used to
notify phones in a given geographic area that there is an incoming call. This section
also proposes solutions to mitigate the information leaks discovered. This work then
looks at the difficulty of properly and fairly accounting for bytes transferred on behalf
of the application layer. A tradeoff point used by current transport layers based on
wired networks is guaranteed delivery with increased overhead. This section investigates
methods that could exploit transport layer retransmission mechanisms to exhaust the
financial resources of a cellular user.
This thesis focuses heavily on understanding the attacker and methods to wirelessly
exploit vulnerabilities in systems. This is a necessary step in building better future systems and evaluating current systems.