A research demo by Poonam Yadav, Nirdesh Sagathia and Dan Wade, performed in the SYSTRON Lab, based in the Department of Computer Science at the University of York.
An overview of this work is also published on the SYSTRON Lab website. It was demonstrated at the 2024 16th International Conference on COMmunication Systems & NETworkS (COMSNETS).
In the rapidly expanding landscape of Internet of Things (IoT) device manufacturing and deployment, concerns about security have become prominent. This demonstration involves practical attacks on a Thread mesh network within a controlled environment, exploiting vulnerabilities in various components of the Thread network stack. Our attack vectors successfully identified nearby Thread networks and devices by gathering 2-byte Personal Area Network ID (PAN ID) and device frequency information, serving as reconnaissance for potential additional attacks. The focus was on investigating susceptibility to replay attacks and packet injection into Thread mesh networks. Although the experiment attempted to capture Thread packets to emulate an authorised sender, the cryptographic encryption and sequence numbers employed for integrity checks resulted in packet rejection by the network. Despite this, our successful injection of packets highlights the potential for battery depletion attacks.
View Paper (Published by IEEE)
The following videos show each stage of the attack scenario. View the full YouTube playlist
View CMOS Battery Check Demo on YouTube
View Devices Demo on YouTube
View Thread Topology Monitor Demo on YouTube
View Network Ping Demo on YouTube
View Network Scanning Demo on YouTube
View Network Scanning Demo (2) on YouTube
View Network Sniffer Demo on YouTube
View Wireshark Details and MLE Demo on YouTube
View Python Script Demo on YouTube
View First Attack Demo on YouTube
View Second Attack Demo on YouTube
View Third Attack Demo on YouTube
View Fourth Attack Demo on YouTube