Affiliations: [a] Beijing University of Posts and Telecommunications, Beijing 100876, China. [email protected] | [b] National Computer Network Emergency, Response Technical Team/Coordination Center of China, Beijing 100029, China. [email protected]
Correspondence:
[*]
Address for correspondence: Beijing University of Posts and Telecommunications, Beijing 100876, China
Note: [†] Thanks for the anonymous reviewers for their very helpful suggestions. This work was supported by the National High Technology Research and Development Program(“863”Program) of China (No. 2015AA017202).
Abstract: ZigBee networks, with their characteristics of high availability, low power consumption and cost-effective devices, are perfectly appropriate to construct Wireless Sensor Networks (WSNs). Also, the natures of WSN listed above bring significant benefits over traditional communication networks used in smart home systems. A smart home system is meant to improve the quality of life through offering various automated, interactive and comfortable services, such as sensing and communicating the family member’s health information with their doctors, or remotely controlling the appliances via cellular phones, emails etc. These critical services make the security of personal privacy and the authority of control commands vital issues in Smart Home environments. While the smart home system suffer from many attacks, the security of the smart home system become an important and hard problem. And the authentication is the first parclose to the security of the system. However, according to our analysis, most system fail to achieve the authentication between the user and the device, Which leading to the compromise of the whole system. In this paper, we analyze the authentication challenges between the user the device in WSNs and in smart home Systems. To thoroughly detect, defense and foresee the authentication vulnerabilities existing in smart home networks, we proposed a security evaluation technique based on attack graph generation. We discuss the distinction between the attack graphs deployed in traditional networks and in smart home networks. Furthermore, we apply this technique into an experiment, and the results prove its practicality. And we then suggest a widely used protocol to the smart home authentication system.
