Abstract
Wireless Sensor Networks (WSNs) are becoming ubiquitous, providing low-cost, low-power, and low-complexity systems in which communication and control are tightly integrated. Although much security research into WSNs has been accomplished, researchers struggle to conduct thorough analyses of closed-source proprietary protocols. Of the numerous available and underanalyzed proprietary protocols, those based on the ITU-T G.9959 recommendation specifying narrow-band sub-GHz communications have recently experienced significant growth. The Z-Wave protocol is the most common implementation of this recommendation. Z-Wave developers are required to sign nondisclosure and confidentiality agreements, limiting the availability of tools to perform open source research. Given recently demonstrated attacks against Z-Wave networks, defensive countermeasures are needed. This work extends an existing implementation of a Z-Wave Misuse-Based Intrusion Detection System (MBIDS). A side-by-side comparison is performed through experimentation to measure misuse detection accuracy of the baseline and extended MBIDS implementations. Experiment results determine the extended MBIDS achieves a mean misuse detection rate of 99%, significantly improving the security posture in MBIDS-monitored Z-Wave networks.
Original language | English |
---|---|
Pages (from-to) | 44-58 |
Number of pages | 15 |
Journal | Computers and Security |
Volume | 64 |
State | Published - Jan 1 2017 |
Externally published | Yes |
Funding
This research is supported in part by the U.S. Department of Homeland Security ICS-CERT. The views expressed in this work are those of the authors and do not reflect official policy of the United States Army, United States Air Force, Department of Defense, or the U.S. Government.
Keywords
- Intrusion detection
- Vulnerability analysis
- Wireless security
- Wireless sensor networks
- Z-Wave