ZigBee is a wireless mesh networking standard for low-power devices. It uses low data rates, low power consumption and mesh networking to connect devices over short distances. ZigBee provides security features like access control, encryption and authentication to protect wireless transmissions. However, ZigBee devices have some security vulnerabilities like weak encryption keys, replay attacks and denial of service attacks that can be exploited if not properly implemented and managed.
Resilience in the ZigBee Residential Mode
1. ZigBee IEEE 802.15.4
What it is:
• a high-level communication protocol for WSNs and WPANs
• an M2M Area Network Technology for WLANs.
Attributes:
• Low power consumption, low-cost, low bitrate
• mesh networking standard supports 10-1000 meter range
• highly reliable
• stable against node failover
• global standards for interoperability
Applications:
Home Automation, Building Automation, Smart Energy, Health and Fitness, 3D gaming, Telecommunications, Retail, Industrial Control.
2. Security Architecture:
Access Control: Frame address validation
- MAC Layer Frame Integrity, Trust Center Architecture for Secure Network Admittance.
Authentication and Data Confidentiality: Symmetric Key Encryption for Frames
- Confidentiality: AES-CTR
- Authentication: AES-CBC-MAC with 32-, 64-, 128-bit MAC
- Confidentiality & Authentication: AES-CCM with 32-, 64-, 128-bit MAC
- Supports PKI.
Frame Integrity: Protection against tampering for data in transit
- MIC 32/64/128 bits based on AES-CBC-MAC
Sequential Freshness: Prevention of Replay Attacks
- 4-Byte Frame Counter
Common security concerns:
• Long battery life of at least 2 years is a must to pass ZigBee certification. So resource-intensive security measures are avoided to keep power consumption low and limited.
• Interoperability among ZigBee profiles might force security slackening.
• ZigBee-based devices are essentially low-cost, thus lacking protection from physical attacks using serial interfaces such as GoodFet and BusPirate.
3. Golden Rules for Security in the Residential Mode
• Building blocks of ZigBee security: Key establishment, key transport, frame protection and device management.
• Key management is all about secure initialization, installation, processing and storage of Network Keys and Link Keys.
• End-to-end Data Security – Only a source and a destination device can decrypt a message using a combination of keys.
• The APS and NWK layers can both independently process the secure MAC frames with either encryption (confidentiality) or authentication, or both.
• The ZigBee Device Object (ZDO) manages security policies and security configuration for devices.
4. A real world assessment environment:
Testing a smart device model for lighting and temperature control based on ZigBee Home Automation Profile
Development Kits: Xbee and Texas Instruments
• ZigBee Coordinator (ZC/ZTC) – Xbee RF Module/CC2531 USB Dongle (0x0000)
• ZigBee End Device (ZED) – Xbee RF Module/CC2530 development board (0x6EC7)
  - set up as a monitoring node, fitted with: temperature sensor, LED and LDR for light sensing/emission and light intensity measurement.
• ZigBee Router (ZR) – Xbee RF Module/CC2530 development board (0xCEBC)
In the lab…
5. ZigBee Logical Device Types and Functions
ZigBee Coordinator (FFD, parent)
• starts the network, maintains neighbor and router lists.
• acts as Trust Center for secure node joining (authenticates new joiner).
• PAN Coordinator functions for network and security management.
• can update link key and network key periodically.
• transfers application packets.
ZigBee Router (FFD)
• Allows devices to join the network
• Multi-hop communication
ZigBee End Devices (RFD or FFD, child)
• battery-powered radios with short duty-cycles.
• sensor nodes for data sampling.
• can be routed using a ZigBee gateway.
• transfers application packets.
Node Types
RFD – Reduced Function Device
FFD – Full Function Device
7. 1. EAVESDROPPING FOR NETWORK DISCOVERY & DEVICE IDENTIFICATION
Network discovery: Sniffing of the Unencrypted MAC Header to identify configuration, node addresses, stack profile and PAN IDs from Beacon Responses sent to end devices by Coordinators and Routers.
[Diagram: EXPLOIT DEVICE, SENSOR NODE, COORDINATOR. Labels: Legitimate Beacon Request Frame (0x07); Spoofed Beacon Request Frame; Unencrypted Beacon Response Frame [PAN ID, source address, stack profile, stack version, and IEEE address], SNIFFED; Packet Capture]
8. 2. REPLAY ATTACK – OFFLINE MODE
Replay of the captured LED ON/OFF packets excluding ACK frame on the channel. Delay of 1/10th of a second between each frame.
The Frame Counter in the NWK layer drops replayed packets. But the MAC layer is vulnerable to replay of MAC command frames as the layer cannot process an incoming frame counter.
[Diagram: EXPLOIT DEVICE, SENSOR NODE, COORDINATOR. Label: CAPTURED]
9. 3. DENIAL OF SERVICE
(A). PACKET INJECTION IN REAL-TIME
Injecting a spoofed beacon request frame on a loop with a 1-sec delay.
Effecting short-term unavailability of the coordinator’s services for a legitimate device by causing bandwidth consumption and node energy draining.
• Continuous packet injection to expend bandwidth.
• Node energy drain due to extended ‘wake’ state caused by its retransmission loop in anticipation of response.
• ZC does not respond to legitimate requests from network nodes.
[Diagram: EXPLOIT DEVICE, COORDINATOR]
10. 3. ASSOCIATION FLOOD IN REAL-TIME
Injecting a forged combination of association request and data request on a loop with a 1-sec delay.
Disengaging a legitimate device and preventing rejoin using a syn flood attack. Some vendors defend against this using device identity tables to detect suspicious behavior.
• Continuous stream of Association Responses.
• Association table overflows, expending processing memory.
• Coordinator’s communication with legitimate nodes is obstructed.
[Diagram: EXPLOIT DEVICE, COORDINATOR]
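One possible shape for the device identity table mentioned on slide 10, as an added example that is not from the original slides or from any vendor's stack: a fixed-size table that rate-limits association requests per claimed extended address and reports when it fills with new identities. The table size, window length, request limit and the event trace are all assumptions constructed for the demo.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ID_TABLE_SIZE  4       /* assumption: kept tiny to show the full-table path */
#define WINDOW_MS      10000u  /* assumption: observation window per identity */
#define MAX_REQ_IN_WIN 3u      /* assumption: association requests allowed per window */

typedef struct {
    uint8_t  ieee[8];          /* extended address claimed in the request */
    uint32_t window_start_ms;
    uint32_t requests;
    bool     used;
} identity_t;

typedef struct { identity_t e[ID_TABLE_SIZE]; } identity_table_t;
typedef enum { ASSOC_ALLOW, ASSOC_RATE_LIMITED, ASSOC_TABLE_FULL } verdict_t;
typedef struct { unsigned allowed, limited, full; } summary_t;

/* Decide whether an association request goes on to normal join handling.
 * The tracking table is fixed-size, so a flood cannot grow memory use. */
verdict_t assoc_request_seen(identity_table_t *t, const uint8_t ieee[8],
                             uint32_t now_ms) {
    identity_t *slot = NULL;
    for (int i = 0; i < ID_TABLE_SIZE; i++) {
        identity_t *p = &t->e[i];
        /* Expire finished windows so old identities cannot pin the table. */
        if (p->used && (uint32_t)(now_ms - p->window_start_ms) >= WINDOW_MS)
            p->used = false;
        if (p->used && memcmp(p->ieee, ieee, 8) == 0) {
            if (p->requests >= MAX_REQ_IN_WIN) return ASSOC_RATE_LIMITED;
            p->requests++;
            return ASSOC_ALLOW;
        }
        if (!p->used && !slot) slot = p;
    }
    if (!slot) return ASSOC_TABLE_FULL;   /* many new identities at once: alert */
    memcpy(slot->ieee, ieee, 8);
    slot->window_start_ms = now_ms;
    slot->requests = 1;
    slot->used = true;
    return ASSOC_ALLOW;
}

/* Constructed trace: {time in ms, last byte of the claimed address}.
 * 0xA1 is a normal node, 0xF0 repeats once per second, 0x01..0x04 are
 * four previously unseen identities arriving within 400 ms. */
static const struct { uint32_t t_ms; uint8_t id; } TRACE[] = {
    {0, 0xA1}, {1000, 0xF0}, {2000, 0xF0}, {3000, 0xF0}, {4000, 0xF0},
    {5000, 0xF0}, {6000, 0xF0}, {7000, 0xF0}, {8000, 0xF0}, {9000, 0xA1},
    {9100, 0x01}, {9200, 0x02}, {9300, 0x03}, {9400, 0x04},
};

summary_t run_constructed_trace(void) {
    identity_table_t table;
    summary_t s = {0, 0, 0};
    memset(&table, 0, sizeof table);
    for (size_t i = 0; i < sizeof TRACE / sizeof TRACE[0]; i++) {
        uint8_t ieee[8] = {0x02, 0, 0, 0, 0, 0, 0, TRACE[i].id};
        switch (assoc_request_seen(&table, ieee, TRACE[i].t_ms)) {
        case ASSOC_ALLOW:        s.allowed++; break;
        case ASSOC_RATE_LIMITED: s.limited++; break;
        case ASSOC_TABLE_FULL:   s.full++;    break;
        }
    }
    return s;
}

int main(void) {
    summary_t s = run_constructed_trace();
    printf("allowed=%u rate_limited=%u table_full=%u\n", s.allowed, s.limited, s.full);
    return 0;
}
```

A non-zero rate-limited or table-full count is the signal worth logging on the coordinator, since disconnected nodes are otherwise not immediately visible.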
11. 4. PAN ID CONFLICT ATTACK
Sabotaging the PAN Coordinator’s network management by means of manipulation which is, in essence, the initiation of a persistent conflict of PAN IDs.
• Continuous sniffing of the network to collect PAN IDs, extended PAN IDs and channel.
• Continuous broadcast replay of forged association responses on the channel; impersonating the PAN Coordinator.
• Coordinator senses PAN ID Conflict and realigns network to a new PAN ID for every conflicting PAN ID replayed.
• Nodes struggle to keep up with rapid PAN ID rotation process which is triggered repetitively. After a few seconds, communication disintegrates.
[Diagram: EXPLOIT DEVICE 1, EXPLOIT DEVICE 2, COORDINATOR. PAN IDs shown: 0x94ac, 0x8b43, 0x6335, 0x72bc]
12. OTA key provisioning vs. Pre-configured Keys
OTA key provisioning:
• Network key is delivered in plaintext to end device
  - higher susceptibility to key sniffing.
• Key rotation process is supported.
• All data is initially encrypted with network key until link keys are derived.
• Widely preferred for large scale deployments for ease of set up since employees need not handle activation procedures.
Pre-configured Keys:
• Keys are pre-installed by vendor in manufacture
  - unless keys are updated, knowledge of the default keys of the vendor can be used to make an illegitimate node (of the same vendor) join the network.
  - physical attacks often attempted.
• Key rotation / revocation is not possible.
• After device pairing, all data is encrypted with pre-installed link key.
• Small deployments in home automation are more likely to use this method of key provisioning.

• Trust Center in the Residential Mode or Standard Security Mode maintains only the standard network keys. We deem it necessary for deployers to equip the TC host with enough resources to maintain a list of nodes and network policies to incorporate the resilience features of the High Security Mode to the extent possible while maintaining the low-cost factor.
• The OTA key provisioning mechanism must be bolstered by other security measures to reduce key sniffing/reuse vulnerabilities.
• Optimally leverage the AES-based security framework and Trust Center controls to harden the network ecosystem.
13. Nonce Reuse
• Sequential message numbers (nonces) can help detect and prevent replay attacks.
• Nonces must always be distinct, even when the same security key is used for two messages.
• Attackers can spoof messages by copying the same nonce used by a previous message.
Best practice: Save nonces in NVRAM so that status is preserved after a power failure.
Security at the MAC Layer
• MAC Layer only secures its own frames between neighboring nodes (no end-to-end protection as in APS layer).
• ACL-based node admission and Unsecured Mode are unreliable.
Best practice: MIC must be used to validate frame check sum and message sequence.
Preventing Physical Attacks
• Debuggers and key sniffers are used to extract encryption keys from firmware on any node.
• Existing key is usually not invalidated once a node is removed from the network – this eases rogue entry into network.
Best practice: Tamper-proofing nodes and out-of-band key loading via serial ports helps eliminate exposure to sniffing.
Node Revival
• Association/Syn Floods and PAN ID Conflict Attacks aim at disengaging nodes and disrupting coordinator responses.
• Disconnected nodes are not immediately discernible.
Best practice: Set Node Join Time parameter to ’Always’.
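An added sketch, not from the original slides, of the sequential-freshness check from slide 2 together with slide 13's advice to keep counter state in NVRAM: the receiver rejects any 4-byte frame counter it has already seen from a sender, and the sender reserves counter blocks in NVRAM so that a reboot never reissues a value under the same key. The simulated NVRAM cell, the table size and the reservation step of 64 are assumptions made for the demo.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_PEERS  8     /* assumption: size of the neighbour table */
#define NV_RESERVE 64u   /* assumption: counters reserved per NVRAM write */

/* Simulated NVRAM cell; real firmware would write flash or EEPROM here. */
static uint32_t nvram_tx_ceiling;
static unsigned nvram_writes;
static void nvram_store(uint32_t v) { nvram_tx_ceiling = v; nvram_writes++; }

typedef struct { uint32_t next, ceiling; } tx_counter_t;

/* Boot: resume at the persisted ceiling, so no value issued before the
 * power failure can be issued again under the same key. */
void tx_counter_boot(tx_counter_t *c) { c->next = c->ceiling = nvram_tx_ceiling; }

/* Hand out the next outgoing frame counter. A new ceiling is persisted
 * BEFORE any value below it is used. Returns false when the 32-bit space
 * is exhausted and the key has to be replaced. */
bool tx_counter_take(tx_counter_t *c, uint32_t *out) {
    if (c->next == UINT32_MAX) return false;
    if (c->next >= c->ceiling) {
        uint32_t room = UINT32_MAX - c->next;
        c->ceiling = c->next + (room < NV_RESERVE ? room : NV_RESERVE);
        nvram_store(c->ceiling);
    }
    *out = c->next++;
    return true;
}

typedef struct { uint8_t ieee[8]; uint32_t last; bool used; } peer_t;
typedef struct { peer_t peers[MAX_PEERS]; } rx_table_t;
typedef enum { RX_ACCEPT, RX_REPLAY, RX_TABLE_FULL } rx_result_t;

/* Call only after the frame's MIC has verified; otherwise a forged frame
 * could push the stored counter forward and lock the real sender out. */
rx_result_t rx_check(rx_table_t *t, const uint8_t ieee[8], uint32_t fc) {
    peer_t *free_slot = NULL;
    for (int i = 0; i < MAX_PEERS; i++) {
        peer_t *p = &t->peers[i];
        if (p->used && memcmp(p->ieee, ieee, 8) == 0) {
            if (fc <= p->last) return RX_REPLAY;   /* stale or repeated */
            p->last = fc;
            return RX_ACCEPT;
        }
        if (!p->used && !free_slot) free_slot = p;
    }
    if (!free_slot) return RX_TABLE_FULL;
    memcpy(free_slot->ieee, ieee, 8);
    free_slot->last = fc;
    free_slot->used = true;
    return RX_ACCEPT;
}

/* Constructed scenario: three frames sent, power fails, node reboots. */
uint32_t first_counter_after_power_loss(void) {
    tx_counter_t c;
    uint32_t v = 0;
    nvram_tx_ceiling = 0;
    nvram_writes = 0;
    tx_counter_boot(&c);
    for (int i = 0; i < 3; i++) tx_counter_take(&c, &v);   /* uses 0, 1, 2 */
    tx_counter_boot(&c);                                   /* RAM state lost */
    tx_counter_take(&c, &v);
    return v;
}

int main(void) {
    static const uint8_t sensor[8] = {0x02, 0, 0, 0, 0, 0, 0x6E, 0xC7}; /* constructed */
    rx_table_t t;
    memset(&t, 0, sizeof t);
    uint32_t resumed = first_counter_after_power_loss();
    rx_result_t first = rx_check(&t, sensor, 10);
    rx_result_t again = rx_check(&t, sensor, 10);
    printf("resumed at %u after %u NVRAM writes\n", (unsigned)resumed, nvram_writes);
    printf("fc=10 -> %d, same frame replayed -> %d\n", first, again);
    return 0;
}
```

Reserving counters in blocks skips some values after a reboot, which is harmless because the receiver only requires that counters increase.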