MAC layer security services in IEEE 802.15.4

Abstract

The Institute of Electrical and Electronics Engineers (IEEE) 802.15.4 standard describes the Medium Access Control (MAC) sub-layer and Physical layer of the Open Systems Interconnection (OSI) model of low-rate wireless networks. This standard focuses on low power communication over the radio link. Low power usage and low cost make the standard attractive for Internet of Things (IoT) devices. As the demand on these devices increase, and the usage includes more sensitive information, the security of the networks becomes more important.

This thesis presents a practical exploration of IEEE 802.15.4 networks and settings, deployed in a real-world environment. The goal was to find out what security settings was used on the MAC sub-layer, to secure the networks from different attack scenarios.

A custom-made sniffer device delivered by Eurecom, the Seizemote, was tested and used throughout the thesis work. The Seizemote specializes in parallel sniffing, and proved to be effective for war-walking experiments.To learn what security IEEE 802.15.4 networks use in practice, a war-walk experiment was performed. The Seizemote was carried around in the city center of Trondheim, while passively capturing packets from the nearby networks. By performing this war-walking experiment it was shown that many IEEE 802.15.4 networks in practice do not deploy link layer security. This can leave them vulnerable to Denial of Service (DoS) and Man-In-The-Middle (MITM) attacks, and even assist in attacks on the higher layer protocols.