WYP is a team of Best of Best 7th members(Ki-Yoon Cho, Ji-Hwan Lim, Min-Seok Sung, Yoong-Ho Jeong, Sung-Bum Kim).
[Abstract]
==========
This presentation focuses on vulnerabilities of products that use the Z-Wave wireless communication protocol which has the advantage of good usability, scalbility, and low power protocol. The presentation will mainly be divided into two parts: the first part introduces the related research and trends of ZWave and presents the results of the directly analyzed Z-Wave products from the viewpoint of security. The second part demonstrates the process of controlling commercial products through arbitrarily created packets using the Z-Wave spoofing tool that we created. First, the necessary information is sniffed through sniffing, and then the malicious control packet created based on the information that the attacker took is used to control the product.
We will demonstrate attacks on several products, including some kinds of smart door lock which are equipped with major company's communication modules. It also introduces and demonstrates various attack vectors, which include DoS attacks and Replay attacks.
Althoguh this demonstration is based on the specific products from some companies, the vulnerability and attack can generally be applied to all the products that use z-Wave protocol.