Title :
Thwarting attacks on ZigBee - Removal of the KillerBee stinger
Author :
Stelte, Bjorn ; Rodosek, Gabi Dreo
Author_Institution :
Fac. of Comput. Sci., Univ. der Bundeswehr Munchen, Neubiberg, Germany
Abstract :
Wireless Sensor Networks (WSNs) have recently emerged as an important research topic. Due to the enormous number of sensor nodes and the constrained resources, specific research challenges can be identified with respect to security. Almost all available commercial and research sensor nodes are equipped with ZigBee transceiver chips, and thus making ZigBee the de-facto standard in WSN communication. Since Joshua Wright´s KillerBee Framework was released with its focus on exploring and exploiting the security of ZigBee networks, non security-hardened WSNs increase the risk of being vulnerable against certain attacks such as simple association flooding and packet replay attacks. We propose an anomaly-based approach intrusion detection system (IDS) optimized for ZigBee-based WSN to protect ZigBee-based WSN nodes against KillerBee supported attacks. We describe the KillerBee attack procedure and propose an approach of guarding a ZigBee transceiver. Based on an extended sensor node/network simulation and analysis framework, we demonstrate furthermore how our anomaly-based detection engine can thwart attacks on a ZigBee transceiver.
Keywords :
Zigbee; computer network security; radio transceivers; wireless sensor networks; IDS; KillerBee framework; WSN communication; ZigBee transceiver chip; anomaly-based approach; anomaly-based detection engine; de-facto standard; intrusion detection system; network security; nonsecurity-hardened WSN; packet replay attack; sensor node-network simulation; thwart attack; wireless sensor network; Cryptography; IEEE 802.15 Standards; Radiation detectors; Transceivers; Wireless sensor networks; Zigbee;
Conference_Titel :
Network and Service Management (CNSM), 2013 9th International Conference on
Conference_Location :
Zurich
DOI :
10.1109/CNSM.2013.6727840
