Skip to content

Latest commit

 

History

History
42 lines (30 loc) · 2.82 KB

README.md

File metadata and controls

42 lines (30 loc) · 2.82 KB

Bachelor's Thesis: Security Analysis of Tradfri Smart Home

This repository contains my Bachelor's thesis on the security analysis of the Tradfri smart home system as well as its appendix. The thesis focuses on analyzing the security of the Tradfri system using both static and dynamic analysis techniques.

Repository - Contents

  • Bachelors-thesis_Kelke-van-Lessen.pdf : Contains the thesis itself
  • MobSF-report_Home-smart_1-19-2.pdf : MobSF static analysis report
  • local-traffic_packet-trace.eth : Recorded local areal network
  • mitmproxy-flows : mitmproxy capture files

Thesis - Table of Contents

  1. Introduction

  2. Technical Background

    1. Security
    2. JavaScript Object Notation
    3. Networking
    4. Attack types
    5. Phone rooting
  3. Methodology

    1. Installation
    2. Network Setup
    3. Software
  4. Security Analysis

    1. Static Analysis
    2. Dynamic Analysis
    3. External Traffic
    4. Local Traffic

Summary

This Bachelor's thesis aims to conduct a comprehensive security analysis of IKEA's smart home system: Tradfri. The thesis explores both the technical background and various attack types relevant to smart home security. The analysis is carried out by using both static and dynamic analysis techniques to evaluate the system's vulnerabilities and potential security risks.

The technical background section covers key concepts related to security, including symmetric and asymmetric cryptography, certificates, and certificate pinning. It also explains relevant technical networking terms such as local area networks, Ethernet, ZigBee, various security protocols like CoAP, HTTP, TLS, and DTLS, and attack types such as reverse engineering, man-in-the-middle attacks, and network sniffing.

The methodology section outlines the installation process, network setup, and software used for the security analysis. The security analysis itself is divided into static and dynamic analysis. The static analysis phase goes into detail in examining the system's code and configurations to identify potential vulnerabilities. The dynamic analysis phase focuses on observing the system's behavior during operation and what local traffic as well as external traffic is generated by a users interaction with the system.

The findings of this research will contribute to a better understanding of the security aspects of the Tradfri smart home system, helping readers make informed decisions regarding its deployment, pot. The results will shed light on potential security flaws and how these can be mitigated.

The findings of this research will contribute to a better understanding of the technical details of the Tradfri smart home system, helping readers make informed decisions on its deployment. The results will shed light on potential security flaws and propose an improvement in the key-exchange process, which would mitigate them.