Thank you for joining us for our 5th Anniversary celebration! We certainly hope you enjoy the conference. Here’s to Education, Collaboration, and Community!

Remember, we don’t take ourselves too seriously and you shouldn’t, either! To quote the old motto of another collaborative community, "We trick into learning with a laugh".

We wish you both laughter and learning - and lots of both!

-= Team BSidesLV 
Wednesday, August 6 • 14:00 - 15:00
Demystiphying and Fingerprinting the 802.15.4/ZigBee PHY


Producing IEEE 802.15.4 PHY-frames reliably accepted by some digital radio receivers, but rejected by others---depending on the receiver chip's make and model---has strong implications for wireless security. Attackers could target specific receivers by crafting "shaped charges," attack frames that appear valid to the intended target and are ignored by all other recipients. By transmitting in the unique, slightly non-compliant "dialect" of the intended receivers, attackers would be able to create entire communication streams invisible to others, including wireless intrusion detection and prevention systems (WIDS/WIPS).

These scenarios are no longer theoretic. We present methods of producing such IEEE 802.15.4 frames with commodity digital radio chips widely used in building inexpensive 802.15.4-conformant devices. Typically, PHY-layer fingerprinting requires software-defined radios that cost orders of magnitude more than the chips they fingerprint; however, our methods do not require a software-defined radio and use the same inexpensive chips.

Knowledge of such differences, and the ability to fingerprint them, is crucial for defenders. We investigate new methods of fingerprinting IEEE 802.15.4 devices by exploring techniques to differentiate between multiple 802.15.4-conformant radio-hardware manufacturers and firmware distributions. Further, we point out the implications of these results for WIDS, both with respect to WIDS evasion techniques and countering such evasion.

This is joint work with Travis Goodspeed, Rebecca Shapiro, and other good neighbors.


Sergey Bratus

Sergey Bratus is a Research Assistant Professor of Computer Science at Dartmouth College. He sees state-of-the-art hacking as a distinct research and engineering discipline that, although not yet recognized as such, harbors deep insights into the nature of computing. He has a Ph.D. in Mathematics from Northeastern University and worked at BBN Technologies on natural language processing research before coming to Dartmouth.

Ira Ray Jenkins

Ira Ray Jenkins is a Ph.D. student at Dartmouth College. He aspires to make micro-controllers do things they don't expect.

Sergey Bratus is a Research Associate Professor at Dartmouth College. He enjoys sending his students on quests to find "weird machines" in the jungles of New Hampshire.

Ray and Sergey will be presenting this work on behalf of many fine neighbors with whom they've worked, both at Dartmouth College and elsewhere.

Wednesday August 6, 2014 14:00 - 15:00
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV
