
Sécurité des équipements grand public connectés à Internet : évaluation des liens de communication

Machine translation: Security of consumer devices connected to the Internet: evaluation of communication links

Abstract

Today, equipment embedding software and an Internet connection is more and more numerous and varied. With the emergence of "the Internet of Things" and the trend to interconnect everything, many devices used in our everyday life are now connected to the Internet: smart TVs, DVD players, alarm and home automation systems, and even health assistance home devices, for example. Unfortunately, these technological evolutions also introduce new security threats. The massive use of the Internet facilitates the propagation of malware capable of targeting any computer device, and more specifically any Internet-connected device. Although several methods allowing security analysis of industrial systems exist, their application to home devices is still limited. The existence and the criticality of potential vulnerabilities in these devices are not well known, because they have not been thoroughly studied. This is precisely the objective of this thesis, which presents a method for carrying out a vulnerability analysis of Internet-connected home devices. This method is composed of two main phases: a risk analysis phase followed by an experimental phase. The security analysis of any type of equipment requires a good knowledge of its environment. In order to guide the evaluator in this task, we propose, as a first step, to rely on existing risk analysis methods. These methods are now mature, and allow the evaluator to obtain a global view of the risks incurred by the usage of a piece of equipment. Then, during the second step of our method, the evaluator concentrates on the most important risks in order to demonstrate the technical feasibility of the scenarios leading to the considered risks, by carrying out several experiments. Considering the large number and the diversity of I/Os on connected devices, it is important to focus on specifically rich attack scenarios, possibly depending on a simple local vulnerability.
For this second step, an experimental method is proposed in order to study these attack scenarios, which, moreover, target equipment whose specifications are not necessarily available. In order to illustrate the entire method, this thesis presents two case studies: Integrated Access Devices (IAD) and smart TVs. These studies are carried out on a panel of devices from major Internet service providers and TV manufacturers, allowing us to compare several devices available on the market. The vulnerabilities pointed out mainly concern the communication means (local loop for the IAD, DVB-T interface for the smart TVs) connecting these devices to their service providers (ISP for the IAD, TV and VoD for the smart TVs). These communication links are usually considered safe, and have been, to our knowledge, seldom explored. This thesis thereby contributes to the security analysis of these particular communication means for connected devices and points out some original attack paths. Finally, this thesis ends by presenting different existing security mechanisms that can be used to avoid exploitation of the identified weaknesses.

Bibliographic record

  • Author

    Bachy Yann;

  • Author affiliation
  • Year 2015
  • Total pages
  • Original format PDF
  • Text language fr
  • Chinese Library Classification
  • Date added 2022-08-20 20:24:42
