Litcius/Paper detail

New Replay Attacks on ZigBee Devices for Internet-of-Things (IoT) Applications

Mohammad Shafeul Wara, Qiaoyan Yu

202022 citationsDOI

Abstract

The ZigBee wireless technologies have been widely applied in Internet of Things (IoT) applications. Among all identified security threats, replay attack is one of the major challenges. Although the firmware and authentication algorithms for ZigBee devices are being updated over the time, the security measures for ZigBee enabled IoT devices cannot efficiently thwart all replay attacks. As new sniffing devices are available on the market, new replay attacks will further challenge the integrity of the communication between ZigBee devices. This work proposes a new replay attack to reveal the security vulnerabilities of the existing commercial ZigBee devices, Phillips Hue bulbs and Xbee S1 and S2C modules. Two case studies performed in this work confirm that the proposed replay attack can successfully transmit the captured packets to the victim device in spite of the built-in countermeasures.

Topics & Concepts

Replay attackFirmwareComputer scienceComputer securityInternet of ThingsAuthentication (law)Embedded systemComputer networkNetwork packetWirelessThe InternetTelecommunicationsComputer hardwareOperating systemAdvanced Malware Detection TechniquesNetwork Security and Intrusion DetectionCryptographic Implementations and Security