This article is more than 1 year old

Researchers make SHODAN of the skies to probe internet-of-things

That's no drone. That's an aerial security scanning project!

A clan of security geeks are flying a ZigBee-sniffing drone to map online internet-of-things things universe in what they hope will be the SHODAN of electronic junk.

The project run by a team at the Texas-based firm Praetorian is being conducted in researchers' free time and hopes to explore the functionality and security integrity of internet-of-things devices operating on the popular ZigBee communications protocol.

It is hoped the project will do for internet-of-things things what the SHODAN scanner did for industrial control systems exposed to the internet by highlighting security vulnerabilities.

"At its core, this project is driven by exploration," the team says.

"Where are these things? Who made them? What do they do? Are they secure? These are some of the questions we hope to answer.

"The first step of our exploration involves locating and fingerprinting ZigBee-enabled smart devices and networks. We're starting local and expanding from here. It's a big world to explore and billions of things to discover."

The drone can be tracked flying over Austin, Texas in real time on the project map. So far it has uncovered more than 1600 unique internet-of-things things, of which 453 are made by Sony, and 110 by Philips.

It picked up over 700 unique things during one 18 minute flight.

The map derived from the 18-minute flight.

Things are analysed to determine security settings, manufacturer ID, channels, and other attributes.

Researchers aim to not only extend the avian things hunter to patrol other US cities, but will soon open-source the blueprints so that other drone geeks can join the campaign.

The six-rotor drone sports ZigBee radios and GPS device that weigh about 250g. It is fully autonomous thanks to custom software built on the work of famed security researchers Joshua Wright, Ryan Speers, Ricky Melgares, and Travis Goodspeed, allowing it to logs the locations of things within a 100 metre range.

"Very soon, we’ll be releasing a full how-to build guide for our device, along with a release of the code the drives it, so other passionate engineers and hackers interested in ZigBee can start listening in to the machines around them," the team says.

Punters wanting to get in on the device hunting are invited to contact Praetorian. ®

More about


Send us news

Other stories you might like