Hit the KeyJack: stealing data from your daily wireless devices incognito

Abstract : Internet of Things (IoT) is one of the most fast-growing field in high technologies nowadays. Therefore, lots of electronic devices include wireless connections with several communication protocols (WiFi, ZigBee, Sigfox, LoRa and so on). Nevertheless, designers of such components do not take care of security features most of the time while focusing on communication reliability (speed, throughput and low power consumption). As a consequence, several wireless IoT devices transmit data in plaintext creating lots of security breaches for both eavesdropping and data injection attacks. This work introduces KeyJack, a preliminary proof-of-concept of a solution aiming to eavesdrop wireless devices and hopefully perform injection attacks afterwards. KeyJack operates on widely-used devices: our keyboards! This solution is based on low-cost embedded electronics and gives an attacker or a white hat hacker the possibility to retrieve data from John Doe's computer. This work also shows that this approach could be used to any wireless device using 2.4GHz radio chips like the NRF24L01 from Nordic Semiconductor.
Type de document :
Communication dans un congrès
Journées C&ESAR, Nov 2016, Rennes, France. 2016, 〈https://www.cesar-conference.org/〉
Liste complète des métadonnées

Littérature citée [11 références]  Voir  Masquer  Télécharger

https://hal-centralesupelec.archives-ouvertes.fr/hal-01383008
Contributeur : Pascal Cotret <>
Soumis le : lundi 17 octobre 2016 - 23:49:46
Dernière modification le : jeudi 5 avril 2018 - 12:30:19

Fichier

cesar16_fournier-et-al.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité - Pas d'utilisation commerciale - Pas de modification 4.0 International License

Identifiants

  • HAL Id : hal-01383008, version 1

Citation

Guillaume Fournier, Pierre Matoussowsky, Pascal Cotret. Hit the KeyJack: stealing data from your daily wireless devices incognito. Journées C&ESAR, Nov 2016, Rennes, France. 2016, 〈https://www.cesar-conference.org/〉. 〈hal-01383008〉

Partager

Métriques

Consultations de la notice

724

Téléchargements de fichiers

147