Search engine for discovering works of Art, research articles, and books related to Art and Culture
Javascript must be enabled to continue!
Living in the Dark: MQTT-Based Exploitation of IoT Security Vulnerabilities in ZigBee Networks for Smart Lighting Control
View through CrossRef
The Internet of Things (IoT) has provided substantial enhancements to the communication of sensors, actuators, and their controllers, particularly in the field of home automation. Home automation is experiencing a huge rise in the proliferation of IoT devices such as smart bulbs, smart switches, and control gateways. However, the main challenge for such control systems is how to maximize security under limited resources such as low-processing power, low memory, low data rate, and low-bandwidth IoT networks. In order to address this challenge the adoption of IoT devices in automation has mandated the adoption of secure communication protocols to ensure that compromised key security objectives, such as confidentiality, integrity, and availability are addressed. In light of this, this work evaluates the feasibility of MQTT-based Denial of Service (DoS) attacks, Man-in-the-Middle (MitM), and masquerade attacks on a ZigBee network, an IoT standard used in wireless mesh networks. Performed through MQTT, the attacks extend to compromise neighboring Constrained Application Protocol (CoAP) nodes, a specialized service layer protocol for resource-constrained Internet devices. By demonstrating the attacks on an IKEA TRÅDFRI lighting system, the impact of exploiting ZigBee keys, the basis of ZigBee security, is shown. The reduction of vulnerabilities to prevent attacks is imperative for application developers in this domain. Two Intrusion Detection Systems (IDSs) are proposed to mitigate against the proposed attacks, followed by recommendations for solution providers to improve IoT firmware security. The main motivation and purpose of this work is to demonstrate that conventional attacks are feasible and practical in commercial home automation IoT devices, regardless of the manufacturer. Thus, the contribution to the state-of-the-art is the design of attacks that demonstrate how known vulnerabilities can be exploited in commercial IoT devices for the purpose of motivating manufacturers to produce IoT systems with improved security.
Title: Living in the Dark: MQTT-Based Exploitation of IoT Security Vulnerabilities in ZigBee Networks for Smart Lighting Control
Description:
The Internet of Things (IoT) has provided substantial enhancements to the communication of sensors, actuators, and their controllers, particularly in the field of home automation.
Home automation is experiencing a huge rise in the proliferation of IoT devices such as smart bulbs, smart switches, and control gateways.
However, the main challenge for such control systems is how to maximize security under limited resources such as low-processing power, low memory, low data rate, and low-bandwidth IoT networks.
In order to address this challenge the adoption of IoT devices in automation has mandated the adoption of secure communication protocols to ensure that compromised key security objectives, such as confidentiality, integrity, and availability are addressed.
In light of this, this work evaluates the feasibility of MQTT-based Denial of Service (DoS) attacks, Man-in-the-Middle (MitM), and masquerade attacks on a ZigBee network, an IoT standard used in wireless mesh networks.
Performed through MQTT, the attacks extend to compromise neighboring Constrained Application Protocol (CoAP) nodes, a specialized service layer protocol for resource-constrained Internet devices.
By demonstrating the attacks on an IKEA TRÅDFRI lighting system, the impact of exploiting ZigBee keys, the basis of ZigBee security, is shown.
The reduction of vulnerabilities to prevent attacks is imperative for application developers in this domain.
Two Intrusion Detection Systems (IDSs) are proposed to mitigate against the proposed attacks, followed by recommendations for solution providers to improve IoT firmware security.
The main motivation and purpose of this work is to demonstrate that conventional attacks are feasible and practical in commercial home automation IoT devices, regardless of the manufacturer.
Thus, the contribution to the state-of-the-art is the design of attacks that demonstrate how known vulnerabilities can be exploited in commercial IoT devices for the purpose of motivating manufacturers to produce IoT systems with improved security.
Related Results
Preventing MQTT Vulnerabilities Using IoT-Enabled Intrusion Detection System
Preventing MQTT Vulnerabilities Using IoT-Enabled Intrusion Detection System
The advancement in the domain of IoT accelerated the development of new communication technologies such as the Message Queuing Telemetry Transport (MQTT) protocol. Although MQTT se...
A COMPREHENSIVE REVIEW OF ENERGY-EFFICIENT LIGHTING TECHNOLOGIES AND TRENDS
A COMPREHENSIVE REVIEW OF ENERGY-EFFICIENT LIGHTING TECHNOLOGIES AND TRENDS
Energy-efficient lighting technologies have undergone significant advancements in recent years, driving a transformation in the lighting industry. This comprehensive review explore...
Pioneering advanced security solutions for reinforcement learning-based adaptive key rotation in Zigbee networks
Pioneering advanced security solutions for reinforcement learning-based adaptive key rotation in Zigbee networks
AbstractIn the rapidly evolving landscape of Internet of Things (IoT), Zigbee networks have emerged as a critical component for enabling wireless communication in a variety of appl...
Towards the Integration of Blockchain and IoT for Security Challenges in IoT
Towards the Integration of Blockchain and IoT for Security Challenges in IoT
Internet of things (IoT) technology plays a vital role in the current technologies because IoT develops a network by integrating different kinds of objects and sensors to create th...
Deception-Based Security Framework for IoT: An Empirical Study
Deception-Based Security Framework for IoT: An Empirical Study
<p><b>A large number of Internet of Things (IoT) devices in use has provided a vast attack surface. The security in IoT devices is a significant challenge considering c...
Perancangan dan Implementasi Sistem Peringatan Dini Banjir Berbasis IoT dengan ESP32, MQTT, dan Aplikasi Kodular
Perancangan dan Implementasi Sistem Peringatan Dini Banjir Berbasis IoT dengan ESP32, MQTT, dan Aplikasi Kodular
Floods are the most frequent natural disasters and cause material and non-material losses. One of the problems faced is the lack of early warning when floods occur. This problem ca...
Address direction finding of ZigBee devices
Address direction finding of ZigBee devices
Statement of problem. The active use of wireless technologies requires the development of means of monitoring devices and data transmission networks and, in particular, ZigBee wire...
Is part‐night lighting an effective measure to limit the impacts of artificial lighting on bats?
Is part‐night lighting an effective measure to limit the impacts of artificial lighting on bats?
AbstractAs light pollution is currently considered to be a major threat to biodiversity, different lighting management options are being explored to mitigate the impact of artifici...