Finding a Topology Obfuscation Method for IEEE 802.15.4

IoT is an ever-progressing area of research. Nowadays every company is looking for ways of integrating their products with IoT for reasons of feasibility and innovation. As the number of devices connecting into the Internet grows every day, the security of these wireless devices grows in complexity. This is due to the wireless properties and nature of these networks and the low energy consumption from these battery-based devices joining the network. The risk pertaining to the insecurity of these networks is also heightened by the fact that the physical aspect of users can

be affected by attacks to the network. The motivation of this project is based on the idea that any vulnerability and any security issue need to be treated with persistent concern. In their 2020 paper, Akestoridis et al. show their work of the open source Zigbee Network security analysis tool called Zigator. Through this work they found a stream of reconnaissance attacks targeting Zigbee's lower layers, stated by the IEEE 802.15.4 standard, where it was observed that by pairing the short MAC addresses between source and destination packets, an attacker can infer the network topology. IEEE 802.15.4 standard provides a security feature that does not encrypt the MAC packet headers, thus what propelled us to find an approach with obfuscation. The most common way for obfuscation in networks is to make use of dummy packets, though the majority of work uses these specifically for spatial obfuscation, source/destination anonymization and packet route obfuscation. Thus, there is not much work done targeting network topology obfuscation for battery-based devices in ad hoc networks. Part of the methodology consisted in understanding and using the network simulator NS3. Unfortunately, the implemented NS3 model for IEEE

802.15.4 protocol was incomplete, and other research papers that solved this problem did not provide means for acquiring their complete implementations of the model.

The contribution of this project takes two aspects. The simulator has been important for algorithm implementation and correctness evaluation in this work. In order to reach this part, essential primitives specific to this standard were implemented in the open-source tool. Thus, this is one of the contributions of this work: providing the research community with a more realistic simulation of IEEE 802.15.4 networks

within NS3. Second, I derived two algorithms to obfuscate the network topology by keeping in mind the amount of energy consumption. Both algorithms follow an aliasing method, where devices are provided different MAC addresses in order to obfuscate their traffic visibility. The algorithms differ in how the devices receive their

Aliases. For Mac Layer Determined Aliasing (MLDA), it is assumed devices have set MAC Addresses, while Network Layer Determined Aliasing (NeLDA) expects the MAC addresses to be transmitted as payload during the association process. We show that we achieved device obfuscation though with increased overhead, thus we

provide an analysis on the trade-off between overhead and obfuscation level for both algorithms. We use theoretical analysis to consider device polling in our overhead

calculations.