1. RUA
  2. Investigación
  3. Criptología y Seguridad Computacional
  4. INV - CSC - Artículos de Revistas

Research on smart-locks cybersecurity and vulnerabilities

Por favor, use este identificador para citar o enlazar este ítem: http://hdl.handle.net/10045/134900
EstadísticasEstadísticas
Información del item - Informació de l'item - Item information
Título: Research on smart-locks cybersecurity and vulnerabilities
Autor/es: Caballero Gil, Cándido | Alvarez, Rafael | Hernández Goya, Candelaria | Molina Gil, Jezabel
Grupo/s de investigación o GITE: Criptología y Seguridad Computacional
Centro, Departamento o Servicio: Universidad de Alicante. Departamento de Ciencia de la Computación e Inteligencia Artificial
Palabras clave: Smart-lock | Cybersecurity | Cyber-attack | Ethical hacking | Threat modeling | Bluetooth | Android app reversing
Fecha de publicación: 27-may-2023
Editor: Springer Nature
Cita bibliográfica: Wireless Networks. 2023. https://doi.org/10.1007/s11276-023-03376-8
Resumen: Smart-locks have become increasingly popular for access to homes and businesses in many countries, because of their ease of use and adaptability. These locks offer a simple and secure alternative to traditional key-based entry, making them an attractive choice for both residential and commercial properties. Nevertheless, it is essential to acknowledge the potential security threats that come with any new technology. The security of smart-locks is particularly critical, as a breach could result in unauthorized entry. Since the smart-locks can connect, there are different ways to check if vulnerabilities can be found easily or on the contrary, if the security level is high. Two of the main ways of checking the security level of this kind of IoT device are the information that can be obtained from the Android application and the security level of the Bluetooth connection. Many vulnerabilities can be found in the Android smart lock management application. This application is very useful to perform all the configurations with such a lock, but if it is not properly implemented and secured, it can provide clues for malicious users to perform unauthorized access to the system. Another security factor is the Bluetooth connection. This ensures that only authorized users have access to the property. In this work, we have analyzed the security level of different parts of smart-locks. In particular, we have analyzed the security of the applications for the most important smart-locks on the market. This study reveals relevant information such as whether the application is obfuscated or not, the encryption algorithm for the Bluetooth connection, or relevant URLs that applications use to connect to the cloud. The security of the Bluetooth connection between the smartphone application and two selected smart-locks was also analyzed. It was demonstrated that if no encryption is used for the Bluetooth connection, the smart-lock is not secure, but if AES encryption is used, the security level is high.
Patrocinador/es: Open Access funding provided thanks to the CRUE-CSIC agreement with Springer Nature. Research supported by the Cátedra Institucional de Ciberseguridad Binter and the Cátedra Edosoft de Computación en la Nube e Inteligencia Artificial, both from the University of La Laguna.
URI: http://hdl.handle.net/10045/134900
ISSN: 1022-0038 (Print) | 1572-8196 (Online)
DOI: 10.1007/s11276-023-03376-8
Idioma: eng
Tipo: info:eu-repo/semantics/article
Derechos: © The Author(s) 2023. Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
Revisión científica: si
Versión del editor: https://doi.org/10.1007/s11276-023-03376-8
Aparece en las colecciones:INV - CSC - Artículos de Revistas

Archivos en este ítem:
Archivos en este ítem:
Archivo Descripción TamañoFormato 
ThumbnailCaballero-Gil_etal_2023_WirelessNetw.pdf2,79 MBAdobe PDFAbrir Vista previa
Muestra el registro completo


Este ítem está licenciado bajo Licencia Creative Commons Creative Commons