Zigbee Case Study

Overview:
With the rising demand for electronic equipment, new technologies are being developed and deployed to meet global needs. Zigbee is one such technology on the rise, offering low power consumption and low cost to serve the growing market of Internet of Things (IoT) networks. Zigbee is an open standard worldwide and is generally deployed for applications that need a low data rate and low power consumption. Unlike Wi-Fi, Zigbee uses a mesh networking protocol to create a self-healing architecture, and it supports much lower data rates than Wi-Fi.

Exploitation in ZigBee devices:
Although Zigbee was claimed to be one of the most secure technologies deployed for use in smart and IoT devices,
…
These devices are exploited on the assumption that, because of their low cost, low power consumption and limited capabilities, their hardware is not tamper resistant, which paves the way for an attacker to further penetrate and exploit the ZigBee network.

Different types of attacks against ZigBee:
ZigBee is based on the 802.15.4 protocol, but security is not very well implemented by ZigBee developers. This has attracted many information security professionals to examine the security capabilities of the 802.15.4 protocol and the implementation of ZigBee radios in IoT devices. Numerous attacks against ZigBee have been identified, and they can be classed under the following categories:
• Sniffing
Some ZigBee networks do not use proper encryption, and attackers can take advantage of this to sniff all communications using the proper equipment. A sniffing attack on a ZigBee network generally refers to collecting all the available information from the network, which is possible when the network implements the standard generic security level protocols for communication. This can be prevented by implementing high security by preinstalling the network key on the ZigBee
…
• The ZigBee network infrastructure should always be protected with a network key. The network key is implemented at all nodes and endpoints, so that routers, gateways and devices are secured. In this way, nodes without a valid network key are not allowed to join the ZigBee infrastructure, which secures the network and validates it up to a certain extent.
• Employing address filtering at the MAC layer is another security recommendation to keep in mind; it is in line with the IEEE 802.15.4 standard and is sometimes referred to as Access Control List (ACL) mode. Depending on the ZigBee vendor, this feature should be utilized by all the nodes in the network.
• Source node authentication should be implemented across all the nodes if the ZigBee vendor supports it; this will help in the identification of the transmitting
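
A sketch of the MAC-layer address filtering (ACL mode) recommended in the list above, added here as an example and not taken from the essay or from any vendor's stack: it parses the IEEE 802.15.4 MAC header of a received frame and accepts the frame only when its source PAN ID and address are on an allowlist. The function names, the allowlist and the sample frames are constructed for illustration.

```python
import struct

ADDR_LEN = {0: 0, 2: 2, 3: 8}  # addressing mode -> bytes; mode 1 is reserved


def parse_source(frame: bytes):
    """Return (pan_id, addr_len, address) of the sender, or None if unusable.

    Covers frame versions 0 and 1; `frame` starts at the frame control field.
    """
    if len(frame) < 3:
        return None
    (fcf,) = struct.unpack_from("<H", frame, 0)
    dst_mode, version, src_mode = (fcf >> 10) & 3, (fcf >> 12) & 3, (fcf >> 14) & 3
    if version > 1 or dst_mode == 1 or src_mode in (0, 1):
        return None  # unsupported version, reserved mode, or no source address
    off, dst_pan = 3, None  # skip frame control (2 bytes) + sequence number (1)
    if dst_mode:
        if len(frame) < off + 2:
            return None
        (dst_pan,) = struct.unpack_from("<H", frame, off)
        off += 2 + ADDR_LEN[dst_mode]
    if fcf & 0x0040:  # PAN ID compression: source PAN omitted, equals destination
        if dst_pan is None:
            return None  # malformed: nothing to inherit the PAN ID from
        src_pan = dst_pan
    else:
        if len(frame) < off + 2:
            return None
        (src_pan,) = struct.unpack_from("<H", frame, off)
        off += 2
    n = ADDR_LEN[src_mode]
    if len(frame) < off + n:
        return None
    return src_pan, n, int.from_bytes(frame[off:off + n], "little")


def acl_permits(frame: bytes, acl: set) -> bool:
    """Default-deny: accept a frame only if its parsed source is on the list."""
    source = parse_source(frame)
    return source is not None and source in acl


# Constructed sample data (not from the page): an allowlist and four frames.
ACL = {(0x1A62, 2, 0x1234), (0x1A62, 8, 0x00124B0001020304)}
KNOWN_SHORT = bytes.fromhex("61882a621a00003412")
KNOWN_EXT = bytes.fromhex("01c807621affff621a04030201004b1200")
UNKNOWN = bytes.fromhex("61882b621a0000efbe")
TRUNCATED = bytes.fromhex("61882c621a")
```

The header addresses checked here are not authenticated on their own, which is why the list above pairs ACL mode with a network key and source node authentication.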
