Demo: Battery Depletion Attack Through Packet Injection on IoT Thread Mesh Network

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In the rapidly expanding landscape of Internet of Things (IoT) device manufacturing and deployment, concerns about security have become prominent. This demonstration involves practical attacks on a thread-mesh network within a controlled environment, exploiting vulnerabilities in various components of the Thread network stack. Our attack vectors successfully identified nearby Thread networks and devices by gathering 2-byte Personal Area Network ID (PAN ID) and device frequency information, serving as reconnaissance for potential additional attacks. The focus was on investigating susceptibility to replay attacks and packet injection into thread-mesh networks. Although the experiment attempted to capture thread packets to emulate an authorised sender, the cryptographic encryption and sequence numbers employed for integrity checks resulted in packet rejection by the network. Despite this, our successful injection of packets highlights the potential for battery depletion attacks.
Original languageEnglish
Title of host publication2024 16th International Conference on COMmunication Systems and NETworkS, COMSNETS 2024
Pages318-320
Number of pages3
ISBN (Electronic)979-8-3503-8311-9
DOIs
Publication statusPublished - 16 Feb 2024

Keywords

  • IEEE 802.15.4
  • Internet of Things (IoT)
  • Interoperability
  • Matter Protocol
  • Thread
  • Thread Protocol
  • Zigbee

Cite this