• Skip to main content
  • Skip to after header navigation
  • Skip to site footer
ERN: Emerging Researchers National Conference in STEM

ERN: Emerging Researchers National Conference in STEM

  • About
    • About AAAS
    • About the NSF
    • About the Conference
    • Partners/Supporters
    • Project Team
  • Conference
  • Abstracts
    • Undergraduate Abstract Locator
    • Graduate Abstract Locator
    • Abstract Submission Process
    • Presentation Schedules
    • Abstract Submission Guidelines
    • Presentation Guidelines
  • Travel Awards
  • Resources
    • Award Winners
    • Code of Conduct-AAAS Meetings
    • Code of Conduct-ERN Conference
    • Conference Agenda
    • Conference Materials
    • Conference Program Books
    • ERN Photo Galleries
    • Events | Opportunities
    • Exhibitor Info
    • HBCU-UP/CREST PI/PD Meeting
    • In the News
    • NSF Harassment Policy
    • Plenary Session Videos
    • Professional Development
    • Science Careers Handbook
    • Additional Resources
    • Archives
  • Engage
    • Webinars
    • ERN 10-Year Anniversary Videos
    • Plenary Session Videos
  • Contact Us
  • Login

Z-Wave Home Automation Security Vulnerabilities

Graduate #127
Discipline: Technology and Engineering
Subcategory: Electrical Engineering

Latha Suryavanshi Mahadeva Rao - Morgan State University
Co-Author(s): Kevin Kornegay and Jumoke Ladeji-Osias, Morgan State University, Baltimore



The Internet of Things (IoT) is a dynamic network that extends internet connectivity to a wide range of everyday things and devices. These devices/things are capable of connecting to the Internet, have an IP address and can communicate with each other over wireless network. Today, Home Automation/Smart Home, a subset of IoT, is changing the way we live as it provides complete control of connected devices, appliances and things at home. Home Automation uses sensors for data collection and protocols like Zigbee, Z-Wave protocol for communication. Z-Wave is a proprietary wireless, low power and low cost protocol that enables reliable communication between all the Z-Wave enabled devices at home. Z-Wave devices offer interoperability and backwards compatibility of devices. Examples of Z-Wave devices include light dimmers, light switches, thermostats, door locks, security sensors and controllers. About 50 million Z-Wave devices from manufacturers who belong to the Z-Wave alliance have been already deployed and are expected to grow about 26 times by 2020. The proliferation of Z-Wave devices not only make ones life easier but pose information security challenges. Our research work entails the assessment of Z-Wave home automation vulnerabilities and proposes countermeasures. Devices sold as Z-wave compliant and available locally are used for the research. A home automation is setup with primary controller, light with on off switch, smart power meter, dimmer, door look and smoke detector. We propose to use different types of attacks like replay attack, Man-in the middle attack on the home automation setup. For launching attacks on the home automation system, we intercept the Z-Wave communications going on between the devices in home automation using EZ-Wave which is built on Scapy Radio framework. We plan build a sniffer and injector tool especially for this purpose. Attacks may also be launched by creating malicious devices that can communicate with the Z-Wave devices. We are currently working towards identifying vulnerabilities at the protocol level, deciphering communication between devices at packet level, set up and build sniffer and injector to launch a physical attack.
References: Security Evaluation of the Z-Wave Wireless Protocol B.Fouladi, S.Ghanoun SensePost UK
International Telecommunication Union (ITU). (1/2015).G.9959: Short range narrow-band digital radio communication transceivers – PHY and MAC layer specifications.
Sigma Designs Today’s IoT: Powered by Z-Wave Retrieved Oct 2016, from Sigma Designs public web site: http://www.sigmadesigns.com/internet-things-starts-home/
Sigma Designs Z-Wave development Kit. Retrieved Oct 2016, from Sigma Designs public web site: http://www.ztssigmadesigns.com/

Funder Acknowledgement(s): This material is based upon work supported by the National Science Foundation under Grant No. 1458930.

Faculty Advisor: Jumoke Ladeji-Osisas, jumoke.ladeji-osias@morgan.edu

Role: Setup of Sigma Design Software development kit, PC Controller, Zniffer, Keil compiler and verification of proper functionality by running sample designs. Setup of the EZ-Wave using Scapy Radio framework, contribute towards building a sniffer and injector tool, identifying vulnerabilities at the protocol level, deciphering communication between devices at packet level, launch a physical attack.

Sidebar

Abstract Locators

  • Undergraduate Abstract Locator
  • Graduate Abstract Locator

This material is based upon work supported by the National Science Foundation (NSF) under Grant No. DUE-1930047. Any opinions, findings, interpretations, conclusions or recommendations expressed in this material are those of its authors and do not represent the views of the AAAS Board of Directors, the Council of AAAS, AAAS’ membership or the National Science Foundation.

AAAS

1200 New York Ave, NW
Washington,DC 20005
202-326-6400
Contact Us
About Us

  • LinkedIn
  • Facebook
  • Instagram
  • Twitter
  • YouTube

The World’s Largest General Scientific Society

Useful Links

  • Membership
  • Careers at AAAS
  • Privacy Policy
  • Terms of Use

Focus Areas

  • Science Education
  • Science Diplomacy
  • Public Engagement
  • Careers in STEM

Focus Areas

  • Shaping Science Policy
  • Advocacy for Evidence
  • R&D Budget Analysis
  • Human Rights, Ethics & Law

© 2023 American Association for the Advancement of Science