Explore the potential security risks of IoT devices in densely populated urban areas through this IEEE Symposium presentation. Delve into a case study involving Philips Hue smart lamps to understand how a worm can spread rapidly using ZigBee wireless connectivity and physical proximity. Learn about the critical mass of devices needed for a chain reaction, techniques for exploiting vulnerabilities in the ZigBee Light Link protocol, and methods for extracting encryption keys. Gain insights into the challenges of securing IoT devices, even for large companies using standard cryptographic techniques. Examine the implications of this research for future IoT security and urban infrastructure protection.
Overview
Syllabus
Intro
The underlying ZLL protocol
Creating a lightbulb worm
Taking over a preinstalled smart light
Protocol Outline
Protocol Implementation Bug
Protocol Attack Outline
We bought a cheap and lightweight commercial Zigbee evaluation kit
Spreading everywhere
New CPA attack on CCM
A New Type of Attack
Responsible disclousre
What went wrong?
Taught by
IEEE Symposium on Security and Privacy
