Auditing 6LoWPAN networks: Using Standard Penetration Testing Tools

Video in TIB AV-Portal: Auditing 6LoWPAN networks: Using Standard Penetration Testing Tools

Formal Metadata

Auditing 6LoWPAN networks: Using Standard Penetration Testing Tools
Title of Series
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Release Date

Content Metadata

Subject Area
The Internet of Things is expected to be involved in the near future in all major aspects of our modern society. On that front, we argue that 6LoWPAN is a protocol that will be a dominant player as it is the only IoT-capable protocol that brings a full IP stack to the smallest devices. As evidence of this, we can highlight the fact that even the latest ZigBee Smart Energy standard is based on ZigBee IP which itself relies on 6LoWPAN, a competitor of the initial ZigBee protocol. Efficient IP-based penetration testing tools have been available to security auditors for years now. However, it is not that easy to use them in the context of a 6LoWPAN network since you need to be able to join it first. In fact, the difficult part is to associate with the underlying IEEE 802.15.4 infrastructure. Indeed, this standard already has two iterations since its release in 2003 and it provides with several possibilities regarding network topology, data transfer model and security suite. Unfortunately, there is no off-the-shelf component that provides, out of the box, with such a wide range of capabilities. Worst still, some of them deviate from the standard and can only communicate with components from the same manufacturer. In this paper, we present the ARSEN project: Advanced Routing for 6LoWPAN and Ethernet Networks. It provides security auditors with two new tools. First, a radio scanner capable of identifying IEEE 802.15.4 infrastructures and for each one of them their specificities, including several deviations from the standard that we encountered in actual security audits. Secondly, a border router capable of routing IPv6 datagrams between Ethernet and 6LoWPAN networks while adapting to the specificities identified by the scanner. As a result, the combination of both effectively allows security auditors to use available IP-based penetration testing tools on different 6LoWPAN networks. Bio: Jonathan-Christofer Demay, PhD is the current penetration testing team leader at AIRBUS Defence and Space. As a former academic researcher, he has been working on IDS bypassing, intrusion detection and general network security. Now a consultant for various key industries and government bodies, he is working on incident response, penetration testing and social engineering. Adam Reziouk is an electronics and automation engineer currently working on wireless communications and industrial network security at AIRBUS Defence and Space. He holds a master's degree in electrical and electronic engineering and has been conducting vulnerability research activities on programmable logic controllers, connected devices and smart grids. Arnaud Lebrun is a command and control engineer currently working at AIRBUS Defence and Space. He is focusing on security issues for several projects in the aerospace industry and related areas such as radioactive waste disposal facilities or large telescopes. He also supports the penetration testing team for perimeters that include ICS infrastructures or embedded electronics.
Standard deviation Electronic data interchange Penetrationstest Computer network
Email Price index Computer network Communications protocol Wireless LAN Flag
Standard deviation Data model Advanced Encryption Standard Suite (music) Revision control Cellular automaton Computer network Encryption Information security
Advanced Encryption Standard Suite (music) Information security Sturm's theorem
Standard deviation Email Suite (music) System on a chip Moving average Hill differential equation Information security Firmware
Event horizon Gradient Computer network Menu (computing) Translation (relic) Routing Mach's principle
Component-based software engineering Email User-defined function Advanced Encryption Standard Frame problem Information security UDP <Protokoll> Area Router (computing)
Personal digital assistant Computer network Information Wireless LAN
Frame problem Trail Information
Frame problem Metropolitan area network Personal area network Hand fan
Exclusive or Advanced Encryption Standard Large eddy simulation Network socket Streaming media Information security Router (computing)


  379 ms - page object


AV-Portal 3.20.2 (36f6df173ce4850b467c9cb7af359cf1cdaed247)