Case Study: Assessing the Security of a ZigBee Smart HomeNetwork

Abstract: Utilizing the ZigBee protocol is pervasive in the context of smart homes, offering substantial convenience to individuals. However, smart home devices commonly handle significant quantities of real-world information, potentially giving rise to concerns related to information leakage. Therefore, in this study, we assess the security of a ZigBee smart homenetworkbyidentifying potential vulnerabilities and conducting a penetration test on the network. In addition, this study compared the potential damage inflicted on the ZigBee network bytechnical and non-technical users. Identifying the potential vulnerabilities was carried out by following a systematic literature review approach, while the penetration testing method was conducted with the help of a case study. The smart home network consisted of a gateway, a smart light bulb, a temperature and humidity sensor, and a motion sensor. The results show a vulnerability in the ZigBee protocol where the technical user could compromise all the security keys. However, the non-technical user was not able to compromise the ZigBee network. Consequently, the security of ZigBee-based smart devices still needs to be further investigated and strengthened. Finally, we discussed the future of the ZigBee network and the optimal scenarios for deploying it.