Wireless Home Automation Systems Reveal More Than You Would Think About User Behavior

Saarland University

Saarland University researchers are studying ways to make home automation systems more secure, having found that modern smart home wireless automation systems can pose a security risk.

Home automation systems that control domestic lighting, heating, window blinds or door locks offer opportunities for third parties to intrude on the privacy of the inhabitants and gain considerable insight into their behavioural patterns. This is the conclusion reached by IT security expert Christoph Sorge and his research team at Saarland University.

Even data transmitted from encrypted systems can provide information useful to potential burglars. Professor Sorge, who holds the juris Professorship in Legal Informatics at Saarland University, and his research group are currently studying ways to make home automation systems more secure. Frederik Möllers from Sorge’s team will be presenting the results at the ACM Conference on Security and Privacy in Wireless and Mobile Networks in Oxford on 25 July.Read more at: http://phys.org/news/2014-07-wireless-home-automation-reveal-user.html#jCp

Home automation systems that control domestic lighting, heating, window blinds or door locks offer opportunities for third parties to intrude on the privacy of the inhabitants and gain considerable insight into their behavioural patterns. This is the conclusion reached by IT security expert Christoph Sorge and his research team at Saarland University. Even data transmitted from encrypted systems can provide information useful to potential burglars. Professor Sorge, who holds the juris Professorship in Legal Informatics at Saarland University, and his research group are currently studying ways to make home automation systems more secure. Frederik Möllers from Sorge’s team will be presenting the results at the ACM Conference on Security and Privacy in Wireless and Mobile Networks in Oxford on 25 July.Read more at: http://phys.org/news/2014-07-wireless-home-automation-reveal-user.html#jCp
Home automation systems that control domestic lighting, heating, window blinds or door locks offer opportunities for third parties to intrude on the privacy of the inhabitants and gain considerable insight into their behavioural patterns. This is the conclusion reached by IT security expert Christoph Sorge and his research team at Saarland University. Even data transmitted from encrypted systems can provide information useful to potential burglars. Professor Sorge, who holds the juris Professorship in Legal Informatics at Saarland University, and his research group are currently studying ways to make home automation systems more secure. Frederik Möllers from Sorge’s team will be presenting the results at the ACM Conference on Security and Privacy in Wireless and Mobile Networks in Oxford on 25 July.Read more at: http://phys.org/news/2014-07-wireless-home-automation-reveal-user.html#jCp

“Many of the systems do not provide adequate security against unwanted third-party access and therefore threaten the privacy of the inhabitants,” says Saarland professor Christoph Sorge. As part of the study, the researchers took on the role of a malicious attacker. “Using a simple mini-PC, no bigger in size than a packet of cigarettes, we eavesdropped on the wireless home automation systems [HASs] of two volunteers and were thus able to determine just how much information a conventional wireless HAS reveals about its user,” Sorge says.

The study showed that non-encrypted systems provide large quantities of data to anyone that wants to access the data, and the attacker does not need prior knowledge of the system. “The results indicate that even when encrypted communication is used, the number of messages exchanged is enough to provide information on absence times,” Sorge says.

He notes potential attacks can be directed against the functionality of the system or the privacy of the inhabitants. Sorge says enhanced data encryption and concealment technologies would help protect HAS users’ privacy, and his group is collaborating with researchers at the University of Paderborn on developing the technology.  Report

Written by

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.