Case Study: Assessing the Security of a ZigBee Smart HomeNetwork

Saker, Robal, Abu Issa, Obaida

January 2024

Utilizing the ZigBee protocol is pervasive in the context of smart homes, offering substantial convenience to individuals. However, smart home devices commonly handle significant quantities of real-world information, potentially giving rise to concerns related to information leakage. Therefore, in this study, we assess the security of a ZigBee smart homenetworkbyidentifying potential vulnerabilities and conducting a penetration test on the network. In addition, this study compared the potential damage inflicted on the ZigBee network bytechnical and non-technical users. Identifying the potential vulnerabilities was carried out by following a systematic literature review approach, while the penetration testing method was conducted with the help of a case study. The smart home network consisted of a gateway, a smart light bulb, a temperature and humidity sensor, and a motion sensor. The results show a vulnerability in the ZigBee protocol where the technical user could compromise all the security keys. However, the non-technical user was not able to compromise the ZigBee network. Consequently, the security of ZigBee-based smart devices still needs to be further investigated and strengthened. Finally, we discussed the future of the ZigBee network and the optimal scenarios for deploying it.

ZigBee

vulnerabilities

smart home

technical user

non-technical user

Computer Sciences

Datavetenskap (datalogi)