PIDZ (Raspberry PI Intrusion Detection System for ZigBee) is a lightweight network intrusion detection system for ZigBee networks, implemented in Python. It makes use of Python Flask, sqlite, KillerBee and scapy-radio (+ patch from Z3sec). The current state of the PIDZ can be considered as a POC.
- KillerBee Framework
- Raspberry PI 3
- KillerBee supported device
- Clean Raspbian as base
- Connect the RasPI to your wifi
- Connect via ssh
- Install KillerBee
- To test if installed correctly plugin your device and run
./zbid. This should display the connected device.
- To test if installed correctly plugin your device and run
- Clone this repository
- Run
make install - Edit the config file (e.g. edit device id)
- Start PIDZ with
make run - Access the UI on: http://raspi-ip:8080
- Sniffer.py should be able to sniff continuously on multiple channels
- Multiple Sniffer-Threads with different devices
- Add a configuration page to the UI
- Add alert mechanisms, like: email, LED, sounds, ...
- Add authentication to the UI
- Add a possibility to dump all packets via GET (...:8080/dump -> returns all packets)