Evaluating ITU-T G.9959 based wireless systems used in critical infrastructure assets

IFIP Advances in Information and Communication Technology

Volumn 466, Issue , 2015, Pages 209-227

  Badenhop, Christopher ^a   Fuller, Jonathan ^a   Hall, Joseph ^a   Ramsey, Benjamin ^a   Rice, Mason ^a  

^a NONE

Author keywords

ITU T G.9959; Vulnerabilities; Wireless sniffing; Z Wave

Indexed keywords

CRITICAL INFRASTRUCTURES; FIRMWARE; OPEN SOURCE SOFTWARE; OPEN SYSTEMS; PUBLIC WORKS; RADIO TRANSCEIVERS; SOFTWARE RADIO; TRANSCEIVERS;

APPLICATION DESIGN; BUILDING SECURITY; ITU-T G.9959; SOFTWARE-DEFINED RADIO IMPLEMENTATIONS; VULNERABILITIES; WIRELESS CONNECTIVITIES; WIRELESS SNIFFING; WIRELESS STANDARDS;

NETWORK SECURITY;

EID: 84951872109     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-3-319-26567-4_13     Document Type: Conference Paper

References (23)

1. L. Apa and C. Hollman, Compromising industrial facilities from 40 miles away, presented at the Black Hat USA Conference, 2013.
2. C. Badenhop and B. Mullins, A black hole attack model using topology approximation for reactive ad-hoc routing protocols, International Journal of Security and Networks, vol. 9(2), pp. 63–77, 2014.
3. W. Boyes, All quiet on the wireless front, Control Global, Schaumburg, Illinois (www.controlglobal.com/articles/2011/all-quite-onthe-wireless-front), August 9, 2011.
4. C. Dubendorfer, B. Ramsey and M. Temple, ZigBee device verification for securing industrial control and building automation systems, in Critical Infrastructure Protection VII, J. Butts and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 47–62, 2013.
5. B. Fouladi and S. Ghanoun, Security evaluation of the Z-Wave wireless protocol, presented at the Black Hat USA Conference, 2013.
6. Freescale Semiconductor, Freescale Beestack: Application Development Guide, Document Number: BSADG Rev. 1.1, Chandler, Arizona, 2008.
7. InGuardians, Converting Radio Signals to Data Packets: Examination of Using GNU Radio Companion for Security Research and Assessment, Washington, DC (www.inguardians.com/pubs/GRC_signal_analysis_InGuardians_v1.pdf), 2014.
8. M. Li, I. Koutsopoulos and R. Poovendran, Optimal jamming attack strategies and network defense policies in wireless sensor networks, IEEE Transactions on Mobile Computing, vol. 9(8), pp. 1119–1133, 2010.
9. G. Noubir, Robust wireless infrastructure against jamming attacks, in Handbook on Securing Cyber-Physical Critical Infrastructure: Foundations and Challenges, S. Das, K. Kant and N. Zhang (Eds.), Morgan Kaufmann, Waltham, Massachusetts, pp. 123–145, 2012.
10. K. Pelechrinis, M. Iliofotou and S. Krishnamurthy, Denial-of-service attacks on wireless networks: The case of the jammers, IEEE Communications Surveys and Tutorials, vol. 13(2), pp. 245–257, 2011.
11. J. Picod, A. Lebrun and J. Demay, Bringing software defined radio to the penetration testing community, presented at the Black Hat USA Conference, 2014.
12. B. Ramsey and B. Mullins, Defensive rekeying strategies for physical-layermonitored low-rate wireless personal area networks, in Critical Infrastructure Protection VII, J. Butts and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 63–79, 2013.
13. B. Ramsey, B. Mullins, R. Speers and K. Batterton, Watching for weakness in wild WPANs, Proceedings of the IEEE Military Communications Conference, pp. 1404–1409, 2013.
14. B. Ramsey, T. Stubbs, B. Mullins, M. Temple and M. Buckner, Wireless infrastructure protection using low-cost radio frequency fingerprinting receivers, International Journal of Critical Infrastructure Protection, vol. 8, pp. 27–39, 2015.
15. B. Reaves and T. Morris, Analysis and mitigation of vulnerabilities in short-range wireless communications for industrial control systems, International Journal of Critical Infrastructure Protection, vol. 5(3-4), pp. 154–174, 2012.
16. L. Schauer, F. Dorfmeister and M. Maier, Potentials and limitations of WiFi-positioning using time-of-flight, Proceedings of the International Conference on Indoor Positioning and Indoor Navigation, 2013.
17. Sigma Designs, Z-Wave Products, Fremont, California (z-wave.sigma designs.com/products), 2015.
18. M. Strasser, B. Danev and S. Capkun, Detection of reactive jamming in sensor networks, ACM Transactions on Sensor Networks, vol. 7(2), article no. 16, 2010.
19. Texas Instruments, 2.4 GHz IEEE 802.15.4/ZigBee-Ready RF transceiver, CC2420, SWRS041c, Dallas, Texas (www.ti.com/lit/ds/symlink/cc2420.pdf), 2014.
20. Texas Instruments, Low-Power Sub-1 GHz RF Transceiver, CC1101, SWRS0611, Dallas, Texas (www.ti.com/lit/ds/symlink/cc1101.pdf), 2015.
21. C. Wright, L. Ballard, S. Coull, F. Monrose and G Masson, Uncovering spoken phrases in encrypted voice-over-IP conversations, ACM Transactions on Information and System Security, vol. 13(4), article no. 35, 2010.
22. W. Xu, W. Trappe, Y. Zhang and T. Wood, The feasibility of launching and detecting jamming attacks in wireless networks, Proceedings of the Sixth ACM International Symposium on Mobile Ad Hoc Neworking and Computing, pp. 46–57, 2005.
23. Zensys, ZM3102N Z-Wave Module Datasheet, Document No. DSH10756, version 6, Fremont, California (media.digikey.com/pdf/Data%20Sheets/Zensys%20PDFs/ZM3102N.pdf), 2007.