ZigBee is a low power, low data wireless protocol that is used for low rate short range (PAN type) networks due to simplicity and ease of use. Different attempts have been proposed to secure the ZigBee networks by proposing a stack modification. Our approach, however, does not require any changes to the protocol stack or to the ZigBee device, and therefore has potential for further application. This approach, as summarized in this paper, is by detecting malicious activities in ZigBee network and denying access. To test the approach we have built a testbed and have experimented with the most likely scenarios of attack for ZigBee sensor networks. It was discovered that the Network Discovery process is the key in all attack scenarios. The idea of adding an intrusion detection system eliminates the threats that are presented by the stack pitfalls and requires no particular change to the existing stack or network. It was observed that the system has successfully secured this process without interrupting or adding traffic to the ZigBee network
展开▼
