Christopher W. Badenhop scite author profile

ITU-T G.9959 wireless connectivity is increasingly incorporated in the critical infrastructure. However, evaluating the robustness and security of commercially-available products based on this standard is challenging due to the closed-source nature of the transceiver and application designs. Given that ITU-T G.9959 transceivers are being used in smart grids, building security systems and safety sensors, the development of reliable, open-source tools would enhance the ability to monitor and secure ITU-T G.9959 networks. This chapter discusses the ITU-T G.9959 wireless standard and research on ITU-T G.9959 network security. An open-source, software-defined radio implementation of an ITU-T G.9959 protocol sniffer is used to explore several passive reconnaissance techniques and deduce the properties of active network devices. The experimental results show that some properties are observable regardless of whether or not encryption is used. In particular, the acknowledgment response times vary due to differences in vendor firmware implementations.

show abstract

A black hole attack model using topology approximation for reactive ad-hoc routing protocols

Badenhop

Mullins

2014

IJSN

View full text Add to dashboard Cite

Looking Under the Hood of Z-Wave

Badenhop

Graham

Mullins

et al. 2018

ACM Trans. Cyber-Phys. Syst.

View full text Add to dashboard Cite

Z-Wave is a proprietary Internet of Things substrate providing distributed home and office automation services. The proprietary nature of Z-Wave devices makes it difficult to determine their security aptitude. While there are a variety of open source tools for analyzing Z-Wave frames, inspecting non-volatile memory, and disassembling firmware, there are no dynamic analysis tools allowing one to inspect the internal state of a Z-Wave transceiver while it is running. In this work, a memory introspection capability is developed for three Z-Wave devices containing a ZW0301, a Z-Wave transceiver system-on-chip. In all three devices, the firmware image is modified to include the memory introspection capability by hooking an existing data exfiltration mechanism used by the device. The memory introspection capability is applied to determine how nonces are generated by Z-Wave devices to prevent replay attacks. Through a combination of static and dynamic analysis, the nonce generating algorithm is found to be based on a nonce round key that updates every secure frame transaction.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.