Hit the KeyJack: stealing data from your daily wireless devices incognito

Abstract : Internet of Things (IoT) is one of the most fast-growing field in high technologies nowadays. Therefore, lots of electronic devices include wireless connections with several communication protocols (WiFi, ZigBee, Sigfox, LoRa and so on). Nevertheless, designers of such components do not take care of security features most of the time while focusing on communication reliability (speed, throughput and low power consumption). As a consequence, several wireless IoT devices transmit data in plaintext creating lots of security breaches for both eavesdropping and data injection attacks. This work introduces KeyJack, a preliminary proof-of-concept of a solution aiming to eavesdrop wireless devices and hopefully perform injection attacks afterwards. KeyJack operates on widely-used devices: our keyboards! This solution is based on low-cost embedded electronics and gives an attacker or a white hat hacker the possibility to retrieve data from John Doe's computer. This work also shows that this approach could be used to any wireless device using 2.4GHz radio chips like the NRF24L01 from Nordic Semiconductor.
Liste complète des métadonnées

Cited literature [11 references]  Display  Hide  Download

https://hal-centralesupelec.archives-ouvertes.fr/hal-01383008
Contributor : Pascal Cotret <>
Submitted on : Monday, October 17, 2016 - 11:49:46 PM
Last modification on : Friday, November 16, 2018 - 1:24:54 AM

File

cesar16_fournier-et-al.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution - NonCommercial - NoDerivatives 4.0 International License

Identifiers

  • HAL Id : hal-01383008, version 1

Citation

Guillaume Fournier, Pierre Matoussowsky, Pascal Cotret. Hit the KeyJack: stealing data from your daily wireless devices incognito. Journées C&ESAR, Nov 2016, Rennes, France. ⟨hal-01383008⟩

Share

Metrics

Record views

1342

Files downloads

323