Securing IoT (Internet of Things) systems in general, regardless of the communication technology used, has been the concern of many researchers and private companies. As for ZigBee security concerns, much research and many experiments have been conducted to better predict the nature of potential security threats. In this research we address several ZigBee vulnerabilities by performing first-hand experiments and attack simulations on the ZigBee protocol. This allows us to better understand the security issues surveyed and find ways to mitigate them. Based on the attack simulations performed and the survey conducted, we have developed a ZigBee IoT framework that could be used to solve security issues in the ZigBee protocol and in IoT in general.
The system developed will: (1) predict a potential malicious attack by detecting the absence of a ZigBee node in the network and responding accordingly through a notification to the user of the system, (2) add another layer of encryption to the data transmitted between the ZigBee devices, (3) provide best practices for configuring and securing ZigBee devices and network, and (4) educate consumers about privacy and data security by involving them in the installation and giving them the autonomy to track in real time any motion activities detected around their house and inputting the time period that they would be notified should any suspicious activity occur.
BACKGROUND ON ZIGBEE PROTOCOL AND SECURITY MEASURES
Most ZigBee radio transceivers operate in the same 2.4 GHz ISM (industrial, scientific & medical) band as Wi-Fi and Bluetooth. The ZigBee standard defines communication at layer 3 and higher of the OSI model, adding features such as authentication, encryption, and association in the upper-layer application services, as shown in Figure 1. More specifically, ZigBee implements two extra security layers on top of the IEEE 802.15.4 standard: the network and application security layers.
In a tree topology the coordinator acts as the root node, to which routers and/or end devices can connect and communicate, as shown in Figure 3. A router can be a parent node and can connect to another router, a coordinator, or an end device. An end device can only be a child node of the coordinator (root node) or of a router; end devices cannot connect to or communicate with each other. Children of any specific node can communicate with each other, or with other nodes, only through their parent node. The drawback of a tree topology is that if a parent node malfunctions or is disabled, its children cannot communicate with other devices in the network.
ZIGBEE VULNERABILITIES AND MITIGATION METHODS
The ZigBee Alliance has put good effort into achieving authenticity and confidentiality for the communicated packets; however, denial-of-service (DoS) is still an issue, and no effort has been made in this area. Multiple stack layers could be affected by this type of attack, depending on whether the attacker has joined the network (insider attack) or not (outsider attack). If the attacker has joined the network, the DoS may be conducted at the physical, medium access control, network, and application layers; an outsider can cause a DoS only at the physical and medium access control layers. Figure 8 shows the attacks at several OSI layers.
Unauthenticated acknowledgement packets are another “OneTouch” security vulnerability that has been exploited. An unauthenticated remote attacker can spoof acknowledgement packets to cause a remote to believe an acknowledgement was received after performing a command.
ATTACKS SIMULATIONS ON ZIGBEE
In our attack simulations, three XBee Pro S2 modules are used to form the ZigBee network (a coordinator and 2 routers). The XBee/XBee-PRO ZB RF module is made by Digi, and it consists of ZigBee firmware loaded into an XBee S2 (Series 2). Figure 11 shows the XBee Series 2 module.
Arduino makes many types of boards; the one that we use in our simulation is the Arduino Mega 2560, based on the ATmega2560 microcontroller. The Arduino Mega has 54 digital input/output pins, 16 analog inputs, 4 UARTs (serial ports), and a 16 MHz crystal oscillator, as shown in Figure 21.
We connected our dummy device to our PC and launched the XCTU application, which detected our dummy device; around 20 seconds later, the dummy device was able to detect our home automation ZigBee network and join it without any problem. As we see in Figure 36, the ZigBee device at the top of the figure is our dummy device, and the other 2 remote modules are the coordinator and router of our simulated home automation network.
SECURE IMPLEMENTATION OF IOT FRAMEWORK USING ZIGBEE PROTOCOL
This chapter discusses our own design and implementation of a secure IoT system that uses the ZigBee protocol. The security of our system mainly relies on: configuring ZigBee devices securely, using best practices learned from our attack simulations and other research papers rather than the default configuration; predicting a potential malicious attack by detecting the absence of a node (device), a capability that the ZigBee protocol lacks, and responding accordingly; adding another encryption layer to the data transmitted between the coordinator and the rest of the nodes (end devices or routers), which makes it harder for an attacker to decrypt the communicated data; and educating consumers about privacy and data security by giving them the autonomy to track in real time any motion activity detected around their house and to set the time period in which they should be notified in case of an attack or unexpected behavior.
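The node-absence check described above, with the user-set notification period, written as an added example (not the thesis's own code). It is plain host-side C++ with hypothetical names; it also flags frames from addresses that were never provisioned, such as the dummy device that joined in the attack simulation. It assumes each node reports periodically and that time comes from a 32-bit millisecond counter.

```cpp
// Added example (hypothetical names): coordinator-side node watchdog.
#include <cstdint>
#include <map>
#include <set>
#include <vector>

enum class Alert { None, UnknownNode };
class NodeWatchdog {
public:
    // timeoutMs: user-chosen silence period before a node counts as absent.
    NodeWatchdog(const std::vector<uint64_t>& known, uint32_t timeoutMs, uint32_t nowMs)
        : timeoutMs_(timeoutMs) {
        for (uint64_t addr : known) lastSeen_[addr] = nowMs;
    }

    // Call for every received frame; addr is the sender's 64-bit address.
    Alert onFrame(uint64_t addr, uint32_t nowMs) {
        auto it = lastSeen_.find(addr);
        if (it == lastSeen_.end()) return Alert::UnknownNode;  // never provisioned
        it->second = nowMs;
        alerted_.erase(addr);  // node is back: re-arm its absence alert
        return Alert::None;
    }

    // Call periodically; returns nodes that newly exceeded the timeout.
    std::vector<uint64_t> poll(uint32_t nowMs) {
        std::vector<uint64_t> absent;
        for (const auto& entry : lastSeen_) {
            // Unsigned subtraction stays correct when the ms counter rolls over.
            uint32_t silentFor = nowMs - entry.second;
            if (silentFor > timeoutMs_ && alerted_.insert(entry.first).second)
                absent.push_back(entry.first);
        }
        return absent;
    }

private:
    uint32_t timeoutMs_;
    std::map<uint64_t, uint32_t> lastSeen_;  // address -> last frame time
    std::set<uint64_t> alerted_;             // nodes already reported absent
};

// Constructed scenario: node B goes silent across a counter rollover.
std::vector<uint64_t> constructedScenario() {
    const uint64_t A = 0x0013A20040000001ULL, B = 0x0013A20040000002ULL;  // made up
    NodeWatchdog wd({A, B}, 30000, 4294960000u);  // start just before rollover
    wd.onFrame(A, 20000u);   // A reports after the counter wrapped
    return wd.poll(30000u);  // B has been silent ~37 s, so only B is returned
}
```

Each address is reported once per absence; a later frame from that node re-arms its alert.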
The router is formed by an Arduino Mega 2560 board that is connected to an infrared sensor and, through an XBee module, to an XBee Pro S2 configured as a ZigBee router using XCTU software (refer to section 4.2.1 Hardware for further feature information). Once the infrared sensor detects motion, the Arduino board processes the data and sends it serially to the XBee Pro S2 device, which sends it over the air to the receiver. Figure 40 shows the router assembled together.
CONCLUSION AND FUTURE WORK
The importance of security in IoT and the domination of the ZigBee protocol in home automation were the leading factors in writing this thesis. In this thesis we have surveyed ZigBee vulnerabilities and shared some recent real-world IoT attacks that ZigBee could also be a victim of. We have also performed first-hand attack simulation experiments of some of the most common attacks, which have enabled us to design and implement an IoT framework that would prevent them. The IoT framework developed is not unique in its functionality, but its importance is in solving and suggesting security measures that should be implemented by any company that manufactures IoT products in general and that uses the ZigBee protocol.
The work that has been done in this thesis solves many problems related to ZigBee and IoT security vulnerabilities; however, more work and implementation are still needed to obtain an ideal secure IoT framework. Our future work, as a continuation of better securing IoT systems, will revolve around:
1- Securing and encrypting the REST APIs used in communication between the coordinator, the server and the web application.
2- Being prepared for an attack by setting up an incident response process, and system recovery.
3- Considering data minimization by not collecting more data than needed.
4- Developing a mobile app that sends notifications to the user in case of potential attacks or activity detection.
5- Securing the interoperability of IoT systems and devices.
Source: University of Nevada
Author: Charbel Azzi