Are Home Security Systems Reliable?

TL;DR

This paper reveals vulnerabilities in Z-Wave-based home security systems, demonstrating attacks that drastically reduce battery life and cause DoS, highlighting security concerns in widely used smart home devices.

Contribution

The paper introduces two novel remote attack methods on Z-Wave security devices, significantly impacting their reliability and security.

Findings

Attacks can increase power consumption by 1000x

Denial of Service attacks can disable systems within seconds

Attacks are effective from 100 meters away

Abstract

Home security systems have become increasingly popular since they provide an additional layer of protection and peace of mind. These systems typically include battery-powered motion sensors, contact sensors, and smart locks. Z-Wave is a very popular wireless communication technology for these low-power systems. In this paper, we demonstrate two new attacks targeting Z-Wave devices. First, we show how an attacker can remotely attack Z-Wave security devices to increase their power consumption by three orders of magnitude, reducing their battery life from a few years to just a few hours. Second, we show multiple Denial of Service (DoS) attacks which enables an attacker to interrupt the operation of security systems in just a few seconds. Our experiments show that these attacks are effective even when the attacker device is in a car 100 meters away from the targeted house.