Ghost-in-ZigBee: Energy Depletion Attack on ZigBee-Based Wireless Networks

ZigBee has been widely recognized as an important enabling technique for the Internet of Things (IoT). However, ZigBee nodes are normally resource-limited, making the network susceptible to a variety of security threats. This paper closely investigates a severe attack on ZigBee networks termed ghost, which leverages the underlying vulnerabilities of the IEEE 802.15.4 security suites to deplete the energy of the nodes. We show that the impact of ghost is very large and that it can facilitate a variety of threats, including denial of service and replay attacks. We highlight that merely deploying a standard suite of advanced security techniques does not necessarily guarantee improved security; instead, such a suite might be leveraged by adversaries to cause severe disruption in the network. We propose several recommendations on how to localize and withstand the ghost and other related attacks in ZigBee networks. Extensive simulations are provided to show the impact of the ghost and the performance of the proposed recommendations. Moreover, physical experiments have also been conducted, and the observations confirm the severity of the impact of the ghost attack. We believe that the presented work will help researchers further improve the security of ZigBee.
