Insider attacks on Zigbee based IoT networks by exploiting AT commands

This paper has presented three insiders attacks on Zigbee protocol – a protocol used for wireless communication for the Internet of Thing (IoT) devices. The end- user’s communication in IoT networks are sensor oriented as the user objects in IoT networks are embedded with sensors and actuators. Most of the sensors communicate with wireless medium among which many of them use Zigbee protocol. Security is an important element of IoT objects to protect user’s privacy and counter malicious attacks but difficult to guarantee due to its limited capabilities, wireless communication and unpredicted users’ actions. In this paper, we have evaluated Zigbee protocol stack for security vulnerabilities which revealed security weakness of remote AT commands. By using remote AT commands in an IoT network, we have devised three successful insider attacks to make unauthorized change of the destination address of a packet, change of node ID, and the change of PAN ID. These attacks detail will be very useful for IoT researches and practitioners in the security domain to design appropriate countermeasures for Zigbee IoT networks.