STALK: security analysis of smartwatches for kids

  • Smart wearable devices become more and more prevalent in the age of the Internet of Things. While people wear them as fitness trackers or full-fledged smartphones, they also come in unique versions as smartwatches for children. These watches allow parents to track the location of their children in real-time and offer a communication channel between parent and child. In this paper, we analyzed six smartwatches for children and the corresponding backend platforms and applications for security and privacy concerns. We structure our analysis in distinct attacker scenarios and collect and describe related literature outside academic publications. Using a cellular network Man-in-the-Middle setup, reverse engineering, and dynamic analysis, we found several severe security issues, allowing for sensitive data disclosure, complete watch takeover, and illegal remote monitoring functionality.

Download full text files

Export metadata

Additional Services

Share in Twitter
Metadaten
Author:Christoph Saatjohann, Fabian Ising, Luise Krings, Sebastian Schinzel
URN:urn:nbn:de:hbz:836-opus-123548
DOI:https://doi.org/10.1145/3407023.3407037
ISBN:978-1-4503-8833-7
Parent Title (English):ARES 2020: The 15th International Conference on Availability, Reliability and Security / Editors: Melanie Volkamer, Christian Wressnegger
Document Type:Article in Conference Proceedings
Language:English
Date of Publication (online):2020/08/11
Year of first Publication:2020
Publishing Institution:FH Münster - University of Applied Sciences
Release Date:2020/08/12
Tag:Privacy; Security
First Page:1
Last Page:10
Institutes:Elektrotechnik und Informatik (ETI)
Publication list:Schinzel, Sebastian
Saatjohann, Christoph
Ising, Fabian
Licence (German):License Logo Zweitveroeffentlichung