DIMVA 2024, 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment, 17-19 July 2024, Lausanne, Switzerland / Also published in Lecture Notes in Computer Science (LNCS), Vol. 1482
The massive deployment of IoT devices comes with the creation of many wireless communication protocols designed to support various applications. However, while some of these protocols are public and widely used, such as Bluetooth Low Energy or Enhanced ShockBurst, the specifications of other protocols are only partially, if at all, publicly
available, making it difficult for security researchers to study them, especially for auditing purposes. In this paper, we address this issue by presenting an innovative, easy-to-use and protocol-agnostic toolkit to analyze unknown network communications. The toolkit is designed to automatically infer their physical layer characteristics and and to extract
the binary content of their frames. We conducted experiments to identify the modulation parameters for various wireless communications used by off-the-shelf devices as well as for randomly generated protocols, considering both FSK and ASK modulations. In addition, our results show that the proposed toolkit is capable of successfully detecting covert channels in wireless environments. We also conducted a case study on an
undocumented proprietary wireless mouse protocol.
Type:
Conference
City:
Lausanne
Date:
2024-07-17
Department:
Digital Security
Eurecom Ref:
7826
Copyright:
© Springer. Personal use of this material is permitted. The definitive version of this paper was published in DIMVA 2024, 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment, 17-19 July 2024, Lausanne, Switzerland / Also published in Lecture Notes in Computer Science (LNCS), Vol. 1482 and is available at : https://doi.org/10.1007/978-3-031-64171-8_27
See also:
