1 |
Detekce anomálií v IoT sítích / Anomaly Detection in IoT NetworksHalaj, Jozef January 2020 (has links)
The goal of the thesis was an analysis of IoT communication protocols, their vulnerabilities and the creation of a suitable anomaly detector. It must be possible to run the detector on routers with the OpenWRT system. To create the final solution, it was necessary to analyze the communication protocols BLE and Z-Wave with a focus on their security and vulnerabilities. Furthermore, it was necessary to analyze the possibilities of anomaly detection, design and implement the detection system. The result is a modular detection system based on the NEMEA framework. The detection system is able to detect re-pairing of BLE devices representing a potential pairing attack. The system allows interception of Z-Wave communication using SDR, detection of Z-Wave network scanning and several attacks on network routing. The system extends the existing detector over IoT statistical data with more detailed statistics with a broader view of the network. The original solution had only Z-Wave statistics with a limited view of the network obtained from the Z-Wave controller. The modular solution of the system provides deployment flexibility and easy system scalability. The functionality of the solution was verified by experiments and a set of automated tests. The system was also successfully tested on a router with OpenWRT and in the real world enviroment. The results of the thesis were used within the SIoT project.
|
2 |
End-to-end Security Enhancement of an IoT Platform Using Object SecurityTjäder, Hampus January 2017 (has links)
The Internet of Things (IoT) is seen as one of the next Internet revolutions. In a near future the majority of all connected devices to the Internet will be IoT devices. These devices will connect previously offline constrained systems, thus it is essential to ensure end-to-end security for such devices. Object Security is a concept where the actual packet or sensitive parts of the packet are encrypted instead of the radio channel. A compromised node in the network will with this mechanism still have the data encrypted ensuring full end-to-end security. This paper proposes an architecture for using the object security format COSE in a typical constrained short-range radio based IoT platform. The IoT platform utilizes Bluetooth Low Energy and the Constrained Application Protocol for data transmission via a capillary gateway. A proof-of-concept implementation based on the architecture validates that the security solution is implementable. An overhead comparison between current channel security guidelines and the proposed object security solution results in a similar size for each data packet. The thesis concludes that object security should be seen as an alternative for ensuring end-to-end security for the Internet of Things.
|
Page generated in 0.0657 seconds