Abstract

  Internet of Things (IoT) is one of the most consolidated technologies adopted in the world. Being exchanged information extremely sensitive, due to the nature of IoT devices and networks, cyber security of IoT systems is a critical topic to be investigated in deep by studying protocols, devices and technologies in order to identify possible vulnerabilities and weakness. In this work, a threat against ZigBee called Remotely AT Command attack is studied and analyzed in order to develop an innovative protection system able to detect and mitigate the devices from this innovative threat. Also, the protection system implemented is tested and validated on a real network by using XBee module [1], a wireless module adopted to implement and instantiate ZigBee network.

   The proposed protection system aims to verify if devices are able to communicate on the network when the attack is running. In this case, just before the sensor is ready to communicate on the network, an internal check is accomplished directly by the IoT device: if needed, an additional reconfiguration is accomplished, in order to restore connectivity of the node in order to mitigate the threat. The results of this work are very interesting since, if executed against real network, the Remote AT Command attack could create huge damage to companies. For this reason, the protection system implemented is an innovative result in terms of research achievement.

Keywords: Zigbee; AT Command; Cyber Threats; Protection Systems; Internet of Things; Cybersecurity; Network Security

References

1. Piyare Rajeev and Seong-ro Lee. “Performance Analysis of XBee ZB Module Based Wireless Sensor Networks”. International Journal of Scientific and Engineering Research (2013).
2. Kaur Kuljeet., et al. “A Big Data-Enabled Consolidated Framework for Energy Efficient Software Defined Data Centers in IoT Setups”. IEEE Transactions on Industrial Informatics (2020).
3. Sisinni Emiliano., et al. “Industrial Internet of Things: Challenges, Opportunities, and Directions”. IEEE Transactions on Industrial Informatics (2018).
4. Gupta Reetu and Rahul Gupta. “ABC of Internet of Things: Advancements, Benefits, Challenges, Enablers and Facilities of IoT”. 2016 Symposium on Colossal Data Analysis and Networking, CDAN (2016).
5. Pavithra D and Ranjith Balakrishnan. “IoT Based Monitoring and Control System for Home Automation”. Global Conference on Communication Technologie GCCT (2015).
6. Xu Li Da., et al. “Industry 4.0: State of the Art and Future Trends”. International Journal of Production Research 56.8 (2018).
7. Catarinucci, Luca., et al. “An IoT-Aware Architecture for Smart Healthcare Systems”. IEEE Internet of Things Journal (2015).
8. Grieco LA., et al. “IoT-Aided Robotics Applications: Technological Implications, Target Domains and Open Issues”. Computer Communications 54 (2014): 32-47.
9. Latré Steven., et al. “City of Things: An Integrated and Multi-Technology Testbed for IoT Smart City Experiments”. IEEE 2nd International Smart Cities Conference: Improving the Citizens Quality of Life, ISC2 2016 - Proceedings (2016).
10. Zhang Yingfeng., et al. “A Framework for Smart Production-Logistics Systems Based on CPS and Industrial IoT”. IEEE Transactions on Industrial Informatics (2018).
11. Russell L., et al. “Agile IoT for Critical Infrastructure Resilience: Cross-Modal Sensing As Part of a Situational Awareness Approach”. IEEE Internet of Things Journal (2018).
12. Celik Z Berkay., et al. “Program Analysis of Commodity IoT Applications for Security and Privacy: Challenges and Opportunities”. ACM Computing Surveys (2019).
13. Ivan Vaccari., et al. “Remotely Exploiting at Command Attacks on ZigBee Networks”. Security and Communication Networks (2017).
14. Marian Salavat and Popa Mircea. “Sybil Attack Type Detection in Wireless Sensor Networks Based on Received Signal Strength Indicator Detection Scheme”. Applied Computational Intelligence and Informatics (SACI), 2015 IEEE 10th Jubilee International Symposium On, IEEE (2015): 121-24.
15. Weekly Kevin and Kristofer Pister. “Evaluating Sinkhole Defense Techniques in RPL Networks”. Network Protocols (ICNP), 2012 20th IEEE International Conference On, IEEE (2012): 1-6.
16. Al Baalbaki, Bilal., et al. “Anomaly Behavior Analysis System for ZigBee in Smart Buildings”. Computer Systems and Applications (AICCSA), 2015 IEEE/ACS 12th International Conference Of, IEEE (2015): 1-4.
17. Jokar Paria and Victor Leung. “Intrusion Detection and Prevention for ZigBee-Based Home Area Networks in Smart Grids”. IEEE Transactions on Smart Grid (2016).
18. Cui Baojiang., et al. “A Novel Fuzzing Method for Zigbee Based on Finite State Machine”. International Journal of Distributed Sensor Networks (2014).
19. Jia Jia and Julian Meng. “A Novel Approach for Impulsive Noise Mitigation in ZigBee Communication System”. 2014 Global Information Infrastructure and Networking Symposium (GIIS) IEEE (2014): 1-3.
20. Zillner Tobias and S Strobl. “ZigBee Exploited: The Good the Bad and the Ugly”. (2015).
21. Deniz Emre and Refik Samet. “A New Model for Secure Joining to ZigBee 3.0 Networks in the Internet of Things”. International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism, IBIGDELFT 2018 - Proceedings (2019).
22. Raymond David R., et al. “Effects of Denial-of-Sleep Attacks on Wireless Sensor Network MAC Protocols”. IEEE Transactions on Vehicular Technology 58.1 (2009): 367-380.
23. Ramsey Benjamin and Barry Mullins. “Defensive Rekeying Strategies for Physical-Layer-Monitored Low-Rate Wireless Personal Area Networks”. International Conference on Critical Infrastructure Protection, Springer (2013): 63-79.
24. Biswas Anshuman., et al. “A Lightweight Defence against the Packet in Packet Attack in ZigBee Networks”. Wireless Days (WD), 2012 IFIP, IEEE (2012): 1-3.
25. Ge Mengmeng., et al. “Proactive Defense Mechanisms for the Software-Defined Internet of Things with Non-Patchable Vulnerabilities”. Future Generation Computer Systems 78 (2017): 568-582.
26. Xu Wenyuan., et al. “Jamming Sensor Networks: Attack and Defense Strategies”. IEEE Network 20.3 (2006): 41-47.
27. Muraleedharan Rajani and Lisa Ann Osadciw. “Jamming Attack Detection and Countermeasures in Wireless Sensor Network Using Ant System”. Wireless Sensing and Processing, International Society for Optics and Photonics (2006): 62480G.
28. Perrig Adrian., et al. “Security in Wireless Sensor Networks”. Communications of the ACM 47 (2004): 53-57.
29. Chen Gonglong and Wei Dong. “JamCloak: Reactive Jamming Attack over Cross-Technology Communication Links”. Proceedings - International Conference on Network Protocols ICNP (2018). 
30. Vidgren Niko., et al. “Security Threats in ZigBee-Enabled Systems: Vulnerability Evaluation, Practical Experiments, Countermeasures, and Lessons Learned”. System Sciences (HICSS), 2013 46th Hawaii International Conference On, IEEE (2013): 5132-5138.
31. Olawumi Olayemi., et al. “Three Practical Attacks against ZigBee Security: Attack Scenario Definitions, Practical Experiments, Countermeasures, and Lessons Learned”. Hybrid Intelligent Systems (HIS), 2014 14th International Conference On, IEEE (2014): 199-206.
32. Vaccari Ivan., et al. “Evaluating Security of Low-Power Internet of Things Networks”. International Journal of Computing and Digital Systems (2019).
33. Makhanya SP., et al. “A Smart Switch Control System Using ESP8266 Wi-Fi Module Integrated with an Android Application”. Proceedings of 2019 the 7th International Conference on Smart Energy Grid Engineering, SEGE 2019 (2019).
34. Dictionary AT. Command. ETRX2 and ETRX3 Series ZigBee® Modules AT-Command Dictionary (2010).

Citation

Citation: Ivan Vaccari., et al. “Innovative Protection System Against Remote AT Command Attacks on ZigBee Networks”. Acta Scientific Computer Sciences 2.4 (2020): 02-08.

Copyright

Copyright: © 2020 Ivan Vaccari., et al. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.