Abstract

With the rapid development of the Internet of Things, more and more small devices are connected into the Internet for monitoring and control purposes. One such type of devices, smart plugs, have been extensively deployed worldwide in millions of homes for home automation. These smart plugs, however, would pose serious security problems if their vulnerabilities were not carefully investigated. Indeed, we discovered that some popular smart home plugs have severe security vulnerabilities which could be fixed but unfortunately are left open. In this paper, we case study a smart plug system of a known brand by exploiting its communication protocols and successfully launching four attacks: 1) device scanning attack; 2) brute force attack; 3) spoofing attack; and 4) firmware attack. Our real-world experimental results show that we can obtain the authentication credentials from the users by performing these attacks. We also present guidelines for securing smart plugs.