Security in ZigBee networks

Abstract

When people start using home automation, they always feel the control of the home first: they believe that the future is now, and their application will be their console for life and do not pay attention to what they are losing. And suddenly the switch no longer works? After coming home at night, you have to pull out the phone, open the application, allow it to connect, and finally turn on the light. You can solve this problem with a presence sensor. Luminaires must work both with a switch (or button) at the entrance to the room and through a presence detector. Home automation should be compatible with the current workflow, not replace it. The only interface that can be more convenient and accessible to visitors of all ages is the voice interface. Take, for example, Apple: the only way to manage your HomeKit devices is Siri. Amazon has taken another step forward with Amazon Echo by providing a connected speaker/microphone that always listens. Voice interfaces are also not perfect. Command processing speed is low because you have to wait for an answer. There are also issues with command visibility, accent recognition, and cloud dependency for processing your voice. Good home automation is never annoying, it works unnoticed. Every year the interest in IoT grows, as various solutions appear on the market, differing in price, ecosystem and protocols used. One of the most popular smart home protocols today is Zigbee. Although ZigBee has been designed with security in mind, trade-offs have been made to ensure low cost, low power consumption and high device compatibility. For example, using the same encryption keys at different OSI levels of the same device. Such compromises inevitably lead to security risks. The aim of the article is to study the main security models of ZigBee and the shortcomings of network security.

Keywords: ZigBee security; network security flaws; high device compatibility; IoT; ZigBee security models.

References
1. Бауерс Б. Wireless Security ZigBee: інструментарій для тестувальника проникнення нового віку. 2012. [Електронний ресурс]. URL: http://www.ciscopress.com/articles/article.asp?p=1823368&seqNum=4
2. Кондліфф Дж. Лампочки Philips Hue легко зламати. 2013. [Електронний ресурс]. URL: http://gizmodo.com/how-philips-hue-light-bulbs-are-highlyhackable-1133092324
3. Дханджані Н. Злом лампочок. 2013. [Електронний ресурс]. URL: http://www.dhanjani.com/blog/2013/08/hacking-lightbulbs.html
4. Хейс Дж. Вади бездротової безпеки Zigbee загрожують пристроям IoT. 2015. [Електронний ресурс]. URL: http://eandt.theiet.org/news/2015/aug/zigbee-cognosec.cfm
5. Кумар М. Як дрони можуть знаходити та зламати пристрої Інтернету речей з неба. 2015. [Електронний ресурс]. URL: http://thehackernews.com/2015/08/hacking-internet-ofthings-drone.html
6. Лейден Дж. У центрах Internet of Stuff виявлено загрозу кіберполтергейсту. 2015. [Електрон-ний ресурс]. URL: http://www.theregister.co.uk/2015/07/23/home_hub_insecurity_iot_stalking?page=2
7. The image models of combined correlation-extreme navigation system of flying robots / A. Tantsiura, A. Bondarchuk, O. Ilin [et al.] // International Journal of Advanced Trends in Computer Science and Engineering, 2019. № 8(4). P. 1012–1019.