University of Twente Student Theses
Wireless communication protocols for home automation exploring the security and privacy aspects of smart home IoT devices communicating over the Z-Wave protocol
Merdis, Vasileios (2019) Wireless communication protocols for home automation exploring the security and privacy aspects of smart home IoT devices communicating over the Z-Wave protocol.
PDF
5MB |
Abstract: | Smart home IoT devices are on rise nowadays since they bring a lot of benefits to the users. However, there are also risks concerning the security and the privacy of the inhabitants of a smart environment. Smart home ecosystem is very complex with numerous of smart devices and communication protocols which make up it. A communication protocol plays the role of the common language that smart appliances need to speak in order to be able to exchange information with multiple devices in a smart environment. In this thesis, we examined and evaluated the security and privacy aspects of the Z-Wave protocol. Z-Wave is a wireless protocol for automation appliances connection at home, and it is the world market leader in wireless control with over 100 million products sold worldwide. It is a Radio Frequency based communication technology and uses the concept of the mesh networking with controllers and slaves. In order to explore the security and privacy aspects of the Z-Wave protocol, hands-on testing on a Z-Wave light bulb and smart door lock were performed, including both software and hardware hacking. During the protocol hacking, we eavesdropped on the Z-Wave network, whereas during the hardware hacking we verifying whether the hardware of the devices contained any sensitive information that can be exploited. The results showed that using no security on the Z-Wave devices, led to serious risks for the security and privacy of the users in a smart home environment. We captured some Z-Wave packets sent from the controller to the devices, and we performed a replay attack on the light bulb since the security was not enabled by default. The door lock was more secure but a crucial vulnerability was discovered while we performed hardware hacking. Z-Wave protocol supports three levels of security: no security, S0 security, and S2 security. After the experiments, it was observed that even the S0 framework can preserve the security and privacy of the users, and it is up to them to implement it or not. |
Item Type: | Essay (Master) |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science MSc (60300) |
Link to this item: | https://purl.utwente.nl/essays/77879 |
Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Repository Staff Only: item control page