Systematic IoT penetration testing: ALEXA case study

Rak M.;
2020

Abstract

The Internet of Things paradigm raises many issues in terms of privacy and security. Systems that are commonly configured by personnel with limited experience manage an incredible amount of personal data and have direct control over home systems (e.g. controlling home lights or the home heating system). The purpose of our research is to define a methodology that automates the penetration testing actions as much as possible, in order to help a tester with limited security skills find possible attacks and demonstrate them clearly to the home user. The core idea is to rely on an existing automated threat modeling technique to build up the possible attacks on the system under test. The threats are concrete and understandable even to non-experts, such as home users, and help them identify real risks and possible countermeasures. The paper will demonstrate the proposed approach on a very typical use case, a smart home controlled through the Alexa Voice Assistant, showing how it is possible to find a working attack on such a system using very cheap dedicated hardware and common tools.

Use this identifier to cite or link to this document: https://hdl.handle.net/11591/429171
Citations
  • Scopus 14