demystiPHY: dedicated to de-mystification of the PHY layer(s)

This is a collection of links to research on digital radio physical-layer protocols, with the aim of explaining the internal logical workings of the upper sublayers of the PHY (the parts that find preambles, delimit frames and hand bytes up to the link layer) and the cross-layer effects those workings produce.

See also: BabylonPHY.

Talks, papers, presentations:

Active link-layer fingerprinting of 802.11/Wi-Fi: paper, tools and presentations

Packet-in-packet: blog post, paper, video of the USENIX WOOT talk (15 min), video of the 28c3 talk (60 min).

"Phantom Boundaries and Cross-layer Illusions in 802.15.4 Digital Radio" IEEE LangSec SPW'14 paper

demystiPHY 802.15.4: an introduction to PHY tricks (InfoSec SouthWest talk)

"Speaking the Local Dialect: Exploiting differences between IEEE 802.15.4 Receivers with Commodity Radios for fingerprinting, targeted attacks, and WIDS evasion" (WiSec 2014 paper)

"Protocols for Leibowitz: Polyglots in PHY" (Recon 2015 talk)

Tools, hardware:

ApiMote, an 802.15.4 digital radio USB peripheral

ApiMote: a tool for speaking 802.15.4 dialects and frame injection (DEF CON Wireless Village 2014 talk); ApiMote hardware designs (ApiMote is entirely open-source hardware).

KillerBee, an open-source 802.15.4 software suite

KillerBee code: https://github.com/riverloopsec/killerbee

(more to come)