Advertisement

Brief Announcement: Passive and Active Attacks on Audience Response Systems Using Software Defined Radios

  • Khai T. Phan
  • Ryan Ewing
  • David Starobinski
  • Liangxiao Xin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10616)

Abstract

Audience response systems, also known as clickers, are used at many academic institutions to offer active learning environments. Since these systems are used to administer graded assignments, and sometimes even exams, it is crucial to assess their security. Our work seeks to exploit and document potential vulnerabilities of clickers. For this purpose, we use software defined radios to perform jamming, sniffing and spoofing attacks on an audience response system in production, which provide different possible methods of cheating. The results of our study demonstrate that clickers are easily exploitable. We build a prototype and show that it is practically possible to covertly steal or forge answers of a peer or even an entire classroom, with high levels of confidence. Additionally, we find that the receivers software of the system lacks protection against unexpected answers, which allows our spoofer to submit any ASCII character and opens the receiver up to possible fuzzing attacks. As a result of this study, we discourage using clickers for high-stake assessments, unless they provide proper security protection.

Notes

Acknowledgments

The authors thank Prof. Ari Trachtenberg for his suggestion to investigate fuzzing attacks. This work was supported in part by NSF under grants CNS-1409053, CNS-1563753 and CNS-1717858. The views expressed in this paper are those of the authors only, and do not necessarily reflect the views of NSF.

References

  1. 1.
    Students more accepting of using clickers for exams, April 2014. http://my.umbc.edu/groups/doit/posts/44012
  2. 2.
  3. 3.
    The GNU Radio Foundation, Inc.: GNU Radio (2017). http://gnuradio.org/
  4. 4.
    Han, J.H., Finkelstein, A.: Understanding the effects of professors’ pedagogical development with clicker assessment and feedback technologies and the impact on students’ engagement and learning in higher education. Comput. Educ. 65, 64–76 (2013). http://www.sciencedirect.com/science/article/pii/S0360131513000237CrossRefGoogle Scholar
  5. 5.
    Kastner, M.: The use of an audience response system to monitor students’ knowledge level in real-time, its impact on grades, and students’ experiences. In: 2016 49th Hawaii International Conference on System Sciences (HICSS), pp. 104–113, January 2016Google Scholar
  6. 6.
    Kulatunga, U., Rameezdeen, R.: Use of clickers to improve student engagement in learning: observations from the built environment discipline. Int. J. Constr. Educ. Res. 10(1), 3–18 (2014)CrossRefGoogle Scholar
  7. 7.
  8. 8.
    Valerio, D.: Open source software-defined radio: A survey on gnuradio and its applications. Technical report FTW-TR-2008-002, August 2008. http://www.astro.square7.ch/Datenblaetter/SDRreport.pdf

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Khai T. Phan
    • 1
  • Ryan Ewing
    • 1
  • David Starobinski
    • 1
  • Liangxiao Xin
    • 1
  1. 1.Boston UniversityBostonUSA

Personalised recommendations