A ZigBee honeypot to assess IoT cyberattack behaviour
| Autor: | Michael Schukat, Seamus Dowling, Hugh Melvin |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
Engineering
Honeypot business.industry ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS 020206 networking & telecommunications Denial-of-service attack 02 engineering and technology computer.software_genre Computer security law.invention Home automation law Default gateway 0202 electrical engineering electronic engineering information engineering Malware ComputerSystemsOrganization_SPECIAL-PURPOSEANDAPPLICATION-BASEDSYSTEMS 020201 artificial intelligence & image processing business Wireless sensor network computer Remote control NeuRFon Computer network |
| Zdroj: | 2017 28th Irish Signals and Systems Conference (ISSC). |
| DOI: | 10.1109/issc.2017.7983603 |
| Popis: | Wireless Personal Area Networks (WPAN) allow for the implementation of applications such as home automation, remote control services, near-field technologies and personal health care management. Security is a critical requirement of the standards and protocols for these environments. One suite of layered protocols within WPAN is ZigBee. ZigBee is a low bit rate protocol utilised in Wireless Sensor Networks (WSN). Attacks such as physical, crypto key interception, injection and replay are perpetrated on ZigBee networks. These attacks can be instigated and controlled within the physical ZigBee WSN location or via a gateway. This paper creates a honeypot that simulates a ZigBee gateway. It is designed to assess the presence of ZigBee attack intelligence on a SSH attack vector. It captures all attack traffic for retrospective analysis. It sandboxes attacks of interest to determine if any attempts are targeting ZigBee specifically. Finally it concludes that all captured mass attacks are mainstream DDoS and bot malware, whereas individual attackers where attracted to and interacted with the ZigBee simulated Honeypot. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|