Thwarting attacks on ZigBee - Removal of the KillerBee stinger

Stelte, Björn; Rodosek, Gabi Dreo

doi:10.1109/cnsm.2013.6727840

Cited by 33 publications

(13 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Additionally, ZigBee provides minimal replay protection, a 4-octet frame counter, so using zbreplay can be extremely effective attacking strategy. In [8] the authors provide a proof of concept for using an anomaly-based detection system in order to prevent association and replay flooding on a network. They claim that an anomaly-based intrusion detection system is more feasible than a pattern-based system because it uses fewer resources, which are scarce on ZigBee devices.…”

Section: Exploiting Zigbee Securitymentioning

confidence: 99%

Exploring security in ZigBee networks

Whitehurst

Andel

McDonald

2014

Proceedings of the 9th Annual Cyber and Information Security Research Conference on - CISR '14

View full text Add to dashboard Cite

ZigBee networks have become popular for their low cost, low power, and ease of implementation. The ZigBee protocol has particularly become prevalent for home automation and controlling devices such as door locks and garage door openers. Preventing attacks and reducing vulnerabilities is imperative in cases where there can be high financial losses due to poor security implementations. For systems where low power and cost are desirable, but security is a priority, the application developer must be extremely cautious in the design of their network. This paper surveys security issues and vulnerabilities in the ZigBee specification and current key management schemes proposed for these networks.

show abstract

Section: Exploiting Zigbee Securitymentioning

confidence: 99%

Exploring security in ZigBee networks

Whitehurst

Andel

McDonald

2014

Proceedings of the 9th Annual Cyber and Information Security Research Conference on - CISR '14

View full text Add to dashboard Cite

show abstract

“…ZigBee. ZigBee is widely used in pervasive computing due to its low bandwidth, low cost, and low power consumption (Stelte and Rodosek, 2013). Our vulnerability analysis is based on KillerBee 2 , in particular on its zbtumbler tool, which detects active ZigBee networks, records and display information about the found devices.…”

Section: Security and Protocolsmentioning

confidence: 99%

“…zbreplay lounges a replay attack, which is countered in (Stelte and Rodosek, 2013). Another MITM attack is explained in (Choi et al, 2013) and exploits a vulnerability in the key distribution.…”

Section: Security and Protocolsmentioning

confidence: 99%

See 1 more Smart Citation

Security And Privacy Issues in Healthcare Monitoring Systems: A Case Study

Handler

Hauge

Spognardi

et al. 2017

Proceedings of the 10th International Joint Conference on Biomedical Engineering Systems and Technologies

View full text Add to dashboard Cite

Abstract:Security and privacy issues are rarely taken into account in automated systems for monitoring elderly people in their home, exposing inhabitants to a number of threats they are usually not aware of. As a case study to expose the major vulnerabilities these systems are exposed to, this paper reviews a generic example of automated healthcare monitoring system. The security and privacy issues identified in this case study can be easily generalised and regarded as alarm bells for all the pervasive healthcare professionals.

show abstract

“…Such retrieval requires the attacker to be located in proximity of the network nodes, in order to sniff the key exchange. Killerbee also includes other threats such as replay [19] or manipulation/injection [20].…”

Section: Related Workmentioning

confidence: 99%

Remotely Exploiting AT Command Attacks on ZigBee Networks

Vaccari

Cambiaso

Aiello

2017

Security and Communication Networks

View full text Add to dashboard Cite

Internet of Things networks represent an emerging phenomenon bringing connectivity to common sensors. Due to the limited capabilities and to the sensitive nature of the devices, security assumes a crucial and primary role. In this paper, we report an innovative and extremely dangerous threat targeting IoT networks. The attack is based on Remote AT Commands exploitation, providing a malicious user with the possibility of reconfiguring or disconnecting IoT sensors from the network. We present the proposed attack and evaluate its efficiency by executing tests on a real IoT network. Results demonstrate how the threat can be successfully executed and how it is able to focus on the targeted nodes, without affecting other nodes of the network.

show abstract

Thwarting attacks on ZigBee - Removal of the KillerBee stinger

Cited by 33 publications

References 11 publications

Exploring security in ZigBee networks

Exploring security in ZigBee networks

Security And Privacy Issues in Healthcare Monitoring Systems: A Case Study

Remotely Exploiting AT Command Attacks on ZigBee Networks

Contact Info

Product

Resources

About