Z-Fuzzer: Device-agnostic fuzzing of Zigbee protocol implementation

7Citations
Citations of this article
24Readers
Mendeley users who have this article in their library.
Get full text

Abstract

With the proliferation of the Internet of Things (IoT) devices, Zigbee is widely adopted as a resource-efficient wireless protocol. Recently, severe vulnerabilities in Zigbee protocol implementations have compromised IoT devices from different manufacturers. It becomes imperative to perform security testing on Zigbee protocol implementations. However, it is not a trivial task to apply the existing vulnerability detection techniques such as fuzzing to Zigbee protocol implementations. In particular, it remains a significant obstacle to deal with low-level hardware events. Many existing protocol fuzzing tools lack a proper execution environment for the Zigbee protocol, which communicates via a radio channel instead of the Internet. To bridge the above gap, we develop a device-agnostic fuzzing platform named Z-Fuzzer to detect security vulnerabilities in Zigbee protocol implementations. Z-Fuzzer provides a software simulation environment with pre-defined peripherals and hardware interrupts configurations to simulate Zigbee protocol execution on real IoT devices. We first extend the existing protocol fuzzing framework's capabilities with a proxy server to bridge communication with the Zigbee protocol execution. Second, we generate more high-quality test cases with code-coverage heuristics. We compare Z-Fuzzer with advanced protocol fuzzing tools, BooFuzz and Peach fuzzer, on top of Z-Fuzzer's simulation platform. Our results show that Z-Fuzzer can achieve higher code coverage in a mainstream Zigbee protocol implementation called Z-Stack. Z-Fuzzer has detected more vulnerabilities using fewer test cases than BooFuzz and Peach. Three of them have been assigned CVE IDs with high CVSS scores (7.5∼8.2).

Author supplied keywords

Cite

CITATION STYLE

APA

Ren, M., Ren, X., Feng, H., Ming, J., & Lei, Y. (2021). Z-Fuzzer: Device-agnostic fuzzing of Zigbee protocol implementation. In WiSec 2021 - Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (pp. 347–358). Association for Computing Machinery, Inc. https://doi.org/10.1145/3448300.3468296

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free