For smart homes to be safe homes, they must be designed with security in mind. Yet, despite the widespread proliferation of connected digital technologies in the home environment, there is a lack of research evaluating the security vulnerabilities and potential risks present within these systems. Our research presents a comprehensive methodology for conducting systematic IoT security attacks, intercepting network traffic and evaluating the security risks of smart home devices. We perform hundreds of automated experiments using 11 popular commercial IoT devices when deployed in a testbed, exposed to a series of real deployed attacks (flooding, port scanning and OS scanning). Our findings indicate that these devices are vulnerable to security attacks and our results are relevant to the security research community, device engineers and the users who rely on these technologies in their daily lives.

翻译：智能家居要实现安全，就必须在设计之初考虑安全性。然而，尽管家庭环境中联网数字技术已广泛普及，但针对这些系统中存在的安全漏洞及潜在风险的评估研究仍显不足。本研究提出了一套系统性的物联网安全攻击方法论，通过截取网络流量并评估智能家居设备的安全风险来开展研究。我们在测试平台上部署了11种流行的商用物联网设备，并对其进行了数百次自动化实验，暴露于一系列真实的攻击场景（包括泛洪攻击、端口扫描和操作系统扫描）。研究结果表明，这些设备易受安全攻击，相关结论对安全研究界、设备工程师以及日常生活中依赖这些技术的用户具有重要参考价值。