How secure is your smart home? Penetration testing and survey regarding the Internet of Things

The project has attempted to answer the issue of if Internet of Things devices in a household, such as if smart light bulbs are vulnerable, if so, how vulnerable, what a threat actor can achieve from attacking a smart home, demonstrating this with implementation and videos. This demonstrates how easy it can be to hack certain smart devices within a safe and ethical environment. With the data obtained, it can show the readers the difficulty and how dangerous these attacks can possibly be on victims in a smart home or a public environment such as a café.

​

This project was produced due to the hypothesis of that the general public are possibly unaware of the dangerous risks that may be apparent within their smart home. To answer this, two main methods were implemented to successfully conclude whether this is the case. These two methods were to first create a survey that would indicate if a small, controlled portion of the general public were knowledgeable in the risks and ways to mitigate these threats within their Internet of Things devices.

The second method was discovering the vulnerabilities and potentially attacking a smart device in an un-secure environment, simulating a threat actor in progress. Using just Python scripts that were open-source and easily found online, a threat actor could easily discover the IP addresses of these Yeelight smart light bulbs with just using a line of code.