Type of Submission
Poster
Keywords
Exploit, Reverse Engineer, Smart Home, Smoke Detector
Proposal
Common household devices have become packed with technology including microphones, cameras, and even internet connectivity. While this technology provides numerous benefits, many consumers have concerns about the security and potential exploitation of these devices. Our team was provided with a smart home smoke detector by Ceaser Creek Software, our project sponsor. The team at CCSW had already gained access to the device's memory and the ability to inject/execute custom code. Our team was tasked with reverse engineering the smoke detector in order to understand how the device works. Specifically, our team has worked to gain access to the microphone, record audio data, and send that information over the network. Our team performed static analysis of the device's memory, dynamic analysis of running tasks, and ran custom code on the device. We successfully managed to create new tasks, keep the device awake while running code, and view data recorded by the microphone during a self-test. We are currently working to manually record audio and export that data over the network.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Publication Date
2024
Exploring a Smart Home Smoke Detector
Common household devices have become packed with technology including microphones, cameras, and even internet connectivity. While this technology provides numerous benefits, many consumers have concerns about the security and potential exploitation of these devices. Our team was provided with a smart home smoke detector by Ceaser Creek Software, our project sponsor. The team at CCSW had already gained access to the device's memory and the ability to inject/execute custom code. Our team was tasked with reverse engineering the smoke detector in order to understand how the device works. Specifically, our team has worked to gain access to the microphone, record audio data, and send that information over the network. Our team performed static analysis of the device's memory, dynamic analysis of running tasks, and ran custom code on the device. We successfully managed to create new tasks, keep the device awake while running code, and view data recorded by the microphone during a self-test. We are currently working to manually record audio and export that data over the network.
