A Security Analysis of Wireless Smart Home Technologies
Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
The use of electronics connected to local networks and the Internet is growingall the time. Nowadays you can control your electronics in your house even when away from home, which opens up for potential security threats. The purpose of this report is to point out the potential risks with connecting home electronics to the Internet and to shed light on what security mechanisms that are needed in these kinds of systems. This report contains a theoretical part in which relevant material has been summarized. This material includes the smart home solution Tellstick Net and the wireless technologies ZigBee and Z-Wave, which are commonly used in home automation. The Tellstick Net system was mapped out and a risk analysis with attack trees was performed. After the analysis of the system, the implementation of two potential security threats were attempted. The two attempted attacks were replay attack and cross-site request forgery. The replay attack was unsuccessful due to the way the system communicates and keeps connections alive. However, the cross-site request forgery was discovered to be successful in some cases. It depended on if the browser of the target supported cross-origin resource sharing, as that property protects against cross-site request forgery. Finally, the report discusses what impact the found security deficiencies have, what they entail and how they reflect on the need for security in smart technologies for the home.
Place, publisher, year, edition, pages
2015. , 43 p.
Smart home technologies, Internet security, Internet of Things, Tellstick Net
Engineering and Technology
IdentifiersURN: urn:nbn:se:liu:diva-113256ISRN: LIU-IDA/LITH-EX-G--14/084--SEOAI: oai:DiVA.org:liu-113256DiVA: diva2:779927
Subject / course
Computer and information science at the Institute of Technology