For smart homes to be safe homes, they must be designed with security in mind. Yet, despite the widespread proliferation of connected digital technologies in the home environment, there is a lack of research evaluating the security vulnerabilities and potential risks present within these systems. Our research presents a comprehensive methodology for conducting systematic IoT security attacks, intercepting network traffic and evaluating the security risks of smart home devices. We perform thousands of automated experiments on 11 popular commercial IoT devices deployed in a testbed and exposed to a series of real deployed attacks (flooding, port scanning and OS scanning). Our findings indicate that these devices are vulnerable to security attacks. Our results are relevant to the security research community, device engineers and the users who rely on these technologies in their daily lives.