Performance Assessment and Mitigation of Timing Covert Channels over the IEEE 802.15.4

Abstract

The fast development and adoption of IoT technologies has been enabling their application into increasingly sensitive domains, such as Medical and Industrial IoT, in which safety and cyber-security are paramount. While the number of deployed IoT devices increases annually, they still present severe cyber-security vulnerabilities, becoming potential targets and entry points for further attacks. As these nodes become compromised, attackers aim to set up stealthy communication behaviours, to exfiltrate data or to orchestrate nodes in a cloaked fashion, and network timing covert channels are increasingly being used with such malicious intents. The IEEE 802.15.4 is one of the most pervasive protocols in IoT and a fundamental part of many communication infrastructures. Despite this fact, the possibility of setting up such covert communication techniques on this medium has received very little attention. We aim to analyse the performance and feasibility of such covert-channel implementations upon the IEEE 802.15.4 protocol, particularly upon the DSME behaviour, one of the most promising for large-scale time critical communications. This enables us to better understand the involved risk of such threats and help support the development of active cyber-security mechanisms to mitigate these threats, which, for now, we provide in the form of practical network setup recommendations.