Exploiting Sub-GHz radio signals for unauthorized access: a garage door IoT case study

Author

Raghad AlhusariFollow

Date of Award

2025

Degree Name

Cybersecurity

College

College of Engineering and Computer Sciences

Type of Degree

M.S.

Document Type

Thesis

First Advisor

Dr. Robin Verma

Second Advisor

Dr. Husnu Narman

Third Advisor

Dr. Char Sample

Abstract

Over the past several years, people's interest in technology-driven home appliances like smart speakers, sensors, and other home automation systems like automatic garage door openers has notably risen. This rapid adoption of IoT-based home automation systems has introduced significant security risks due to vulnerabilities in the wireless communication protocols used in these systems. This thesis bridges a critical research gap by conducting the first comprehensive analysis of the rolling code protocol with KEELOQ encryption algorithm, integrating patent studies, industrial specification reviews, and open-source implementation audits followed by hardware-based experimental validation. While focused on garage door openers which are selected due to their critical role in residential security, where vulnerabilities could directly endanger personal safety, combined with their widespread adoption evidenced by a projected 5.42% market growth by 2028 [1], the findings generalize to all rolling code-dependent IoT devices with KEELOQ encryption algorithm, including industrial sensors and smart locks.

The urgency of this work is magnified by the rise of accessible hacking tools like the Flipper Zero which is an open-source, multi-function device capable of capturing and emulating Sub-GHz signals with minimal technical expertise. Its popularity underscores a pressing need to evaluate and fortify garage door opener security against unauthorized access attacks. This thesis specifically investigates vulnerabilities in rolling code implementations using KEELOQ encryption algorithm, where the Flipper Zero could intercept and replay communications. The aim is to identify vulnerabilities where Flipper Zero can intercept and emulate the communication signal, and to suggest solutions to mitigate or eliminate the risks associated with these vulnerabilities.

Subject(s)

Computer security.

Digital forensic science.

Hacking.

Radio.

Household appliances.

Recommended Citation

Alhusari, Raghad, "Exploiting Sub-GHz radio signals for unauthorized access: a garage door IoT case study" (2025). Theses, Dissertations and Capstones. 1935.
https://mds.marshall.edu/etd/1935