Jung-Chang Liou
ABSTRACT
Z-Wave is one of the key access protocols of the Internet of Things (IoT). It is highly popular in home automation and security system applications due to its minimum power consumption, reliability, and cost effectiveness. With an estimate of over 100 million deployed Z-Wave devices around the globe, it is essential to understand their security landscape. For instance, Z-Wave devices can leak personal information about the home dwellers as well as their possessions and buglers can use compromised Z-Wave devices to disable security systems or even to feed incorrect information. In this paper, we present an experiment setup and early results of side-channel information leaks of Z-Wave. We show that Z-Wave traffic despite being encrypted, leaks information through side-channels and an attacker who can passively capture Z-Wave frames by simply being in the vicinity of a house can identify Z-Wave devices inside the house.
- 2018. End of Year Z-Wave Ecosystem Report. https://z-wavealliance.org/z-wave-alliance-2018-end-of-year-z-wave-report/Google Scholar
- 2020. HackRF One. https://greatscottgadgets.com/hackrf/one/Google Scholar
- 2020. Z-Wave Sniffer Pro. https://gitlab.com/sajaljainsyd/Z-Wave-Sniffer-ProGoogle Scholar
- Leonardo Babun, Hidayet Aksu, Lucas Ryan, Kemal Akkaya, Elizabeth S Bentley, and A Selcuk Uluagac. 2020. Z-IoT: Passive Device-class Fingerprinting of ZigBee and Z-Wave IoT Devices. In IEEE International Conference on Communications.Google Scholar
- B. W. Ramsey B. E. Mullins C. W. Badenhop, S. R. Graham and L. O. Mailloux. 2017. The Z-Wave routing protocol and its security implications. In Computers Security.Google Scholar
- B. Fouladi and S. Ghanoun. 2013. Security Evaluation of the Z-Wave wireless protocol. In Black hat USA, Vol. 24. 1--2.Google Scholar
- J. D. Fuller and B. W. Ramsey. 2015. Rogue Z-Wave controllers: A persistent attack channel. In IEEE 40th Local ComputerNetworks Conference Workshops.Google Scholar
- Z. Taqvi I. Unwala and J. Lu. 2018. Iot security: Zwave and thread. In 2018 IEEE Green Technologies Conference (GreenTech). IEEE, 176--182.Google Scholar
- C MacGillivray and D Reinsel. 2019. Worldwide global datasphere IoT device and data forecast 2019--2023. Int. Data Corp.(IDC) (2019).Google Scholar
- A. Siemer P. Felke N. Boucif, F. Golchert and F. Gosewehr. [n.d.]. Crushing the wave-new z-wave vulnerabilities exposed. ([n. d.]). arXiv:2001.08497Google Scholar
- Tara Salman and Raj Jain. 2019. A survey of protocols and standards for internet of things. arXiv preprint arXiv:1903.11549 (2019).Google Scholar
Index Terms
Side-channel information leaks of Z-wave smart home IoT devices: demo abstract
Recommendations
Security in smart home environment: issues, challenges, and countermeasures - a survey
The accelerated spread of the IoT and rapid development of modern communication networks and technologies have connected the physical world with computational elements in the smart home environment. The smart home is based on IoT technology which ...
Enablement of IoT Based Context-Aware Smart Home with Fog Computing
The recent advent of Internet of Things IoT, has given rise to a plethora of smart verticals-smart homes being one of them. Smart Home is a classic example of IoT, wherein smart appliances connected via home gateways constitute a local home network to ...
A security authorization scheme for smart home Internet of Things devices
AbstractThe Internet of Things (IoT) is becoming an important factor in many areas of our society. IoT brings intelligence to critical aspects like transportation, industry, payments, health and many others. The interaction between embedded ...
Highlights- A lightweight identity stack for IoT for digital identity.
- A Cloud federated ...
Comments