The goal of this paper is to research and review through experimental testing the security of home automation devices. The methodology includes analysis and review of these home automation devices through traffic capture, device scanning, and wireless analysis. The devices that will be tested are the Amazon Echo, Osram Smart Lights, and TPLink power switch. We present a classification model to analyze the relation between potential risk and realized risk through potential vulnerabilities in these varying home automation devices. Possible security flaws that might be found include default configurations, easy to crack passwords, unencrypted traffic, responses to forged traffic, and full control of the device without any authentication. We also perform a review of their privacy exposure and outline the security vectors used to attack IoT devices, as well as the most recent malwares in control of over a million IoT devices.
CITATION STYLE
Capellupo, M., Liranzo, J., Bhuiyan, M. Z. A., Hayajneh, T., & Wang, G. (2017). Security and attack vector analysis of IoT devices. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10658 LNCS, pp. 593–606). Springer Verlag. https://doi.org/10.1007/978-3-319-72395-2_54
Mendeley helps you to discover research relevant for your work.