Misuse-based detection of Z-Wave network attacks

Jonathan D. Fuller, Benjamin W. Ramsey, Mason J. Rice, John M. Pecarina

Research output: Contribution to journal › Article › peer-review

16 Scopus citations

Abstract

Wireless Sensor Networks (WSNs) are becoming ubiquitous, providing low-cost, low-power, and low-complexity systems in which communication and control are tightly integrated. Although much security research into WSNs has been accomplished, researchers struggle to conduct thorough analyses of closed-source proprietary protocols. Of the numerous available and underanalyzed proprietary protocols, those based on the ITU-T G.9959 recommendation specifying narrow-band sub-GHz communications have recently experienced significant growth. The Z-Wave protocol is the most common implementation of this recommendation. Z-Wave developers are required to sign nondisclosure and confidentiality agreements, limiting the availability of tools to perform open source research. Given recently demonstrated attacks against Z-Wave networks, defensive countermeasures are needed. This work extends an existing implementation of a Z-Wave Misuse-Based Intrusion Detection System (MBIDS). A side-by-side comparison is performed through experimentation to measure misuse detection accuracy of the baseline and extended MBIDS implementations. Experiment results determine the extended MBIDS achieves a mean misuse detection rate of 99%, significantly improving the security posture in MBIDS-monitored Z-Wave networks.

Original language: English
Pages (from-to): 44-58
Number of pages: 15
Journal: Computers and Security
Volume: 64
State: Published - Jan 1 2017
Externally published: Yes

Funding

This research is supported in part by the U.S. Department of Homeland Security ICS-CERT. The views expressed in this work are those of the authors and do not reflect official policy of the United States Army, United States Air Force, Department of Defense, or the U.S. Government.

Keywords

  • Intrusion detection
  • Vulnerability analysis
  • Wireless security
  • Wireless sensor networks
  • Z-Wave
