Method of Eavesdropping and Spoofing Attacks on Frequency Shift Backscatter Systems

Frequency shift backscatter system is a new low power communication system that will be widely used in IoT applications. In this paper， a method of eavesdropping and spoofing attacks on frequency shift backscatter systems based on a probe signal was proposed to demonstrate the security vulnerability of existing systems. Firstly， the probe signal was transmitted and the reflected signal from the tag was collected for comparison to obtain the frequency shift and modulation method of the tag， and the data on the tag was demodulated to eavesdrop. Secondly， the time domain signal was captured by software defined radio （SDR），down-converted and correlated with itself， and the center frequency of the excitation signal was filtered by a threshold. Finally， a tag-reflected signal of the wrong data was constructed and the excitation signal was sent simultaneously to trick the receiver into receiving the legitimate data. Experiments were conducted to verify the feasibility of the method in frequency shift backscatter systems. The experimental results showed that the method can decode the tag data and sent fake data to the receiver successfully.