Alarm systems are ubiquitous - no longer the realm of banks and vaults only, many people now have them in their homes or workplaces.  But how do they work?  And the logical follow-up question - how can they be hacked? 

This talk focuses on the communication lines in physical intrusion detection systems: how they are secured, and what vulnerabilities exist.  We’ll discuss the logic implemented in the controllers and protections on the communication lines including end of line resistors - and all the ways that this aspect of the system can be exploited.

In particular, we’ll release schematics for a tool we’ve developed that will enable measuring end-of-line resistor systems covertly, determining the necessary re-wiring to defeat the sensors, and deploy it without setting off the alarm. 

After the talk, you can head over to the Lock Bypass Village to try these techniques out for yourself!

DEF CON (also written as DEFCON, Defcon or DC) is a hacker convention held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993 and today many attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking wargames). Contests held during the event are extremely varied, and can range from creating the longest Wi-Fi connection to finding the most effective way to cool a beer in the Nevada heat.

Defeating Physical Intrusion Detection Alarm Wires

Conference: Defcon 29

Abstract

Post a comment

Related work

Greybox Program Synthesis: A New Approach to Attack Dataflow Obfuscation