For smart homes to be safe homes, they must be designed with security in mind. Yet, despite the widespread proliferation of connected digital technologies in the home environment, there is a lack of research evaluating the security vulnerabilities and potential risks present within these systems. Our research presents a comprehensive methodology for conducting systematic IoT security attacks, intercepting network traffic and evaluating the security risks of smart home devices. We perform hundreds of automated experiments using 11 popular commercial IoT devices when deployed in a testbed, exposed to a series of real deployed attacks (flooding, port scanning and OS scanning). Our findings indicate that these devices are vulnerable to security attacks and our results are relevant to the security research community, device engineers and the users who rely on these technologies in their daily lives.

翻译：为了实现安全家居，智能家居必须从设计之初就融入安全理念。然而，尽管家庭环境中联网数字技术已广泛普及，但针对这些系统安全漏洞及潜在风险的评估研究仍然不足。本研究提出了一套综合方法论，用于系统性地实施物联网安全攻击、拦截网络流量并评估智能家居设备的安全风险。我们在测试平台上部署了11种主流商用物联网设备，暴露于一系列真实攻击（洪泛攻击、端口扫描和操作系统扫描）下，并进行了数百次自动化实验。研究结果表明，这些设备易受安全攻击。我们的研究成果对安全研究社区、设备工程师以及日常依赖这些技术的用户具有重要参考价值。