Security Analysis of Nedis SmartLife Video Doorbell

Siklosi, Martin; Olsson Kihlborg, Robert

kth.sePublications

Simple search

Advanced search -
Research publications Advanced search -
Student theses Statistics

English Svenska Norsk

Change search

Cite ExportLink to record

Permanent link

https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-359419

Direct link

https://kth.diva-portal.org/smash/record.jsf?pid=diva2:1933445

Cite

Citation style

apa
ieee
modern-language-association-8th-edition
vancouver
Other style

More styles

Language

de-DE
en-GB
en-US
fi-FI
nn-NO
nn-NB
sv-SE
Other locale

More languages

Output format

html
text
asciidoc
rtf

Security Analysis of Nedis SmartLife Video Doorbell

Siklosi, Martin

KTH, School of Electrical Engineering and Computer Science (EECS).

Olsson Kihlborg, Robert

KTH, School of Electrical Engineering and Computer Science (EECS).

2024 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis

Abstract [en]

As IoT devices become increasingly common and integrate more deeply into our lives,ensuring their security is crucial. The purpose of this project was to conduct acomprehensive security analysis of the Nedis SmartLife Video Doorbell. Any vulnerabilitiesfound were to be disclosed to Nedis to enhance the device's security and later published toraise awareness of potential security issues. An iterative process was used where thesystem was examined, possible attack surfaces were identified, and tests were performed.The results of the tests were used to further examine the system and identify further possibleattack surfaces. During the security analysis, five vulnerabilities were found. However, thevulnerabilities are unlikely to be exploited in a large-scale attack against users. All foundvulnerabilities have been disclosed privately to Nedis prior to publishing.

Abstract [sv]

I takt med att IoT-enheter blir allt vanligare och integreras djupare i våra liv ställs allt hårdarekrav på deras säkerhet. Syftet med detta projekt var att genomföra en omfattandesäkerhetsanalys av Nedis SmartLife Video Doorbell. Eventuella sårbarheter som hittadesrapporterades till Nedis för att förbättra enhetens säkerhet och publicerades senare för attöka medvetenheten om potentiella säkerhetsproblem. En iterativ process användes därsystemet undersöktes, möjliga angreppsytor identifierades och tester genomfördes.Resultaten av testerna användes för att ytterligare undersöka systemet och identifiera flermöjliga angreppsytor. Under säkerhetsanalysen hittades fem sårbarheter. Det är dockosannolikt att sårbarheterna skulle kunna utnyttjas i ett storskaligt angrepp mot användare.Alla upptäckta sårbarheter har rapporterats privat till Nedis före publicering.

Place, publisher, year, edition, pages

2024. , p. 579-586

Series

TRITA-EECS-EX ; 2024:186

National Category

Electrical Engineering, Electronic Engineering, Information Engineering

Identifiers

URN: urn:nbn:se:kth:diva-359419OAI: oai:DiVA.org:kth-359419DiVA, id: diva2:1933445

Supervisors

Johnson, Pontus

Examiners

Kullen, Anita

Projects

Kandidatexamensarbete Elektroteknik EECS 2024Available from: 2025-01-31 Created: 2025-01-31

Open Access in DiVA

fulltext(121150 kB)

24 downloads

File information

File name FULLTEXT01.pdfFile size 121150 kBChecksum SHA-512

82342f1408fe2aae929f55e76f2a176a8521cf94c0fe100464225724a9b74ddff6f61a0fb1cf957b5d6400be30877b9d0aec28080253ae7c1e09793536e10217

Type fulltextMimetype application/pdf

Total: 24 downloads

The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Total: 1438 hits