1 |
Bezpečné zprovoznění IoT zařízení / Secure Provisioning of IoT DevicesRusiňák, Petr January 2021 (has links)
S ohledem na stále rostoucí počty prodaných IoT zařízeních se postupně začínají objevovat projekty, ve kterých jsou IoT zařízení použity ve stovkách až tisících. Tyto projekty však z časových důvodů neumožňují ruční konfiguraci každého zařízení zvlášť, čímž vzniká poptávka po protokolech, které dokáží rychle, ale přitom i bezpečně, nastavit nové IoT zařízení. Cílem této práce je vytvořit protokol, který umožní automatický přenos přihlašovacích údajů k Wi-Fi síti do nově zakoupeného IoT zařízení. Navržený protokol používá speciální konfigurační zařízení, ve kterém budou uloženy přihlašovací údaje všech zařízeních kompatibilních s tímto protokolem v rámci dané administrativní domény, a které bude poskytovat tyto přihlašovací údaje nenakonfigurovaným IoT zařízením za předpokladu, že je možné ověřit jejich identitu. K ověření identity nenakonfigurovaných zařízení je použita asymetrické kryptografie. Protokol byl implementován pomocí IoT zařízeních ESP32, přičemž ke komunikaci mezi nenakonfigurovanými je využit nespojovaný komunikační protokol ESP-NOW.
|
2 |
Fingerprinting the Smart Home: Detection of Smart Assistants Based on Network ActivityHashemi, Arshan 01 December 2018 (has links)
As the concept of the Smart Home is being embraced globally, IoT devices such as the Amazon Echo, Google Home, and Nest Thermostat are becoming a part of more and more households. In the data-driven world we live in today, internet service providers (ISPs) and companies are collecting large amounts of data and using it to learn about their customers. As a result, it is becoming increasingly important to understand what information ISPs are capable of collecting. IoT devices in particular exhibit distinct behavior patterns and specific functionality which make them especially likely to reveal sensitive information. Collection of this data provides valuable information and can have some serious privacy implications. In this work I present an approach to fingerprinting IoT devices behind private networks while only examining last-mile internet traffic . Not only does this attack only rely on traffic that would be available to an ISP, it does not require changes to existing infrastructure. Further, it does not rely on packet contents, and therefore works despite encryption. Using a database of 64 million packets logged over 15 weeks I was able to train machine learning models to classify the Amazon Echo Dot, Amazon Echo Show, Eufy Genie, and Google Home consistently. This approach combines unsupervised and supervised learning and achieves a precision of 99.95\%, equating to one false positive per 2,000 predictions. Finally, I discuss the implication of identifying devices within a home.
|
3 |
Návrh IoT zařízení komunikujícího pomocí standardu NB-IoT / Design of IoT device communicating by using NB-IoT standardVörös, Ondrej January 2019 (has links)
This diploma thesis deals with the design of low-power IoT device communicating by using the NB-IoT standard. The theoretical part of the thesis is dedicated to the explanation of the principles and capabilities of communication in IoT networks Sigfox, LoRa and NB-IoT, and also its physical layer, network architecture, techonology principles and frequency bands used. The application part of the thesis is dedicated to design of the NB-IoT device from the system design through the selection of main components to the detailed physical design of the device. Two prototypes of the device with two different radio modules used are fabricated on which is performed measurement of the power profile of the device in various operation modes.
|
4 |
Evaluating Distributed Machine Learning using IoT DevicesZam, Anton January 2021 (has links)
Internet of things (IoT) blir bara större och större varje år och nya enheter läggs till hela tiden. Även om en stor del av dessa enheter är kontinuerligt använda finns det fortfarande väldigt många enheter som står inaktiva och sitter på oanvänd processorkraft som kan användas till att utföra maskininlärnings beräkningar. Det finns för nuvarande väldigt många metoder för att kombinera processorkraften av flera enheter för att utföra maskininlärnings uppgifter, dessa brukar kallas för distribuerade maskininlärnings metoder. huvudfokuset av detta arbetet är att utvärdera olika distribuerade maskininlärnings metoder för att se om de kan implementeras på IoT enheter och i fallet metoderna kan implementeras ska man mäta hur effektiva och skalbara dessa metoderna är. Den distribuerade maskininlärnings metoden som blivit implementerad i detta arbete kallas för ”MultiWorkerMirrorStrategy” och denna metod blev utvärderar genom en jämförelse på träningstiden, tränings precisionen och utvärderings precisionen av 2,3 och 4 Raspberry pi:s med en icke distribuerad metod vilket endast använt sig av 1 Raspberry pi. Resultatet av mätningarna visade att trots att processorkraften ökar för varje enhet som lagts till i clustret blir träningstiden högre samtidigt som resterande mätningar var desamma. Genom att analysera och diskutera dessa resultat drogs slutsatsen att den overhead som skapats av att enheterna kommunicerar med varandra är alldeles för hög vilket resulterar i att den implementerade metoden är väldigt ineffektiv och kan inte skallas upp utan att någon typ av optimering läggs till. / Internet of things is growing every year with new devices being added all the time. Although some of the devices are continuously in use a large amount of them are mostly idle and sitting on untapped processing power that could be used to compute machine learning computations. There currently exist a lot of different methods to combine the processing power of multiple devices to compute machine learning task these are often called distributed machine learning methods. The main focus of this thesis is to evaluate these distributed machine learning methods to see if they could be implemented on IoT devices and if so, measure how efficient and scalable these methods are. The method chosen for implementation was called “MultiWorkerMirrorStrategy” and this method was evaluated by comparing the training time, training accuracy and evaluation accuracy of 2,3 and 4 Raspberry pi:s with a nondistributed machine learning method with 1 Raspberry pi. The results showed that although the computational power increased with every added device the training time increased while the rest of the measurements stayed the same. After the results were analyzed and discussed the conclusion of this were that the overhead added for communicating between devices were to high resulting in this method being very inefficient and wouldn’t scale without some sort of optimization being added.
|
5 |
Internet of Things: Business plan for an early-stage technology driven start-up / Internet of Things: Business plan for an early-stage technology driven start-upVerteletskyi, Maksym January 2016 (has links)
The goal of the thesis is to write a business plan for an early stage internet of things startup, specializing in indoor safety & facility management. Evaluate the potential of this business idea and its value proposition. Select the proper entry markets and calculate financial projections. Do it in such way that it would be acceptable by investors interested in making capital inputs.
|
6 |
Scalable IoT Network Testbed with Hybrid Device EmulationZhao, Zhengan 19 August 2022 (has links)
In recent years, the Internet of Things (IoT) has been proliferating in various fields,
such as health care, smart city, and connected autonomous vehicles. Accompanying
the popularity of IoT are security attacks that exploit the vulnerabilities of many IoT
devices. To build IoT anomaly detection systems, we need to collect and label a large
amount data from diverse IoT scenarios, which is a time-consuming and prohibitive
task if without the support of an IoT testbed. This thesis fills this urgent need by
developing a scalable, flexible, safe, and secure IoT testbed.
To make the testbed scalable, we need to reduce the hardware cost and make
its architecture easily extendable. For this, we build a hybrid testbed consisting of
real IoT devices, such as motion sensors and smart cameras, and emulated devices
with Raspberry Pi. The emulated devices can replace real IoT devices with the same
operational behaviour as real IoT devices but at a much lower price. Flexibility means
the testbed can easily simulate different application scenarios. To make the testbed
flexible, we build a dedicated data management module to facilitate the complex
tasks in generating diverse traffic patterns, reproducing security attacks, collecting,
visualizing, and analyzing network traffic. Testbed safety means the testbed will
not cause any adverse impact to the Internet, and testbed security means protecting
it from outside attacks. For safety, we carefully analyze the source code and the
behaviour of launched attacks and configure a traffic filter to strictly contain the
attack traffic within the testbed. For security, we scan and analyze the security of all
IoT devices within the testbed to ensure no exposed vulnerability in the used devices. / Graduate
|
7 |
NB-IoT Coverage : Development of a measuring instrument for NB-IoT / NB-IoT täckning : Utveckling av ett mätinstrument för NB-IoTBlom, Albin January 2021 (has links)
This report is an exposition of the development of a measuring instrument whosetask is to map the physical coverage of the NB-IoT network. The measuringinstrument was developed on TietoEvry's initiative, as it was in their interest to obtaina measuring instrument that can be used to map the coverage in parts of VarmlandsNB-IoT network. Which in this way provides an assessment for any future projectsinvolving NB-IoT. The development of the measuring instruments you can carry withyou out into the field, uses a microcomputer for collecting measurement data savedin a log file using Python. The report also describes a complimentary program that inturn takes and visualizes the acquired data in the form of markers on a map, whichshows the signal strength of the NB-IoT network. The visualization program is writtenin Java and is based on the open source project: jxmapviewer2. However, themeasuring instrument as it is today needs further testing to ensure the accuracy ofthe measuring instrument. Something that can be looked over in the future.
|
8 |
Univerzální komunikační zařízení využívající technologie LoRaWAN a Narrowband IoT / Multi-radio Tester Utilizing LoRaWAN and Narrowband IoT Communication TechnologiesNovotný, Jaromír January 2019 (has links)
This Master thesis is focused on the design and consequential realization of the Multi-RAT communication device. The theoretical part describes a comparison of two promising communication LPWA (Low Power Wide Area) technologies that are available to use in the Czech Republic. These technologies are NB-IoT (NarrowBand-Internet of Things) and LoRaWAN (Long Range Wide Area Network). The practical part contains a description used components, their consequential fitting and testing of designed printed circuit board of the device. The thesis also describes the implementation of software and realized measurement. Technical documentation of a device can be found in the appendix of this thesis.
|
9 |
NB-IoT and LoRaWAN Performance Testing in Urban and Rural EnvironmentMilos Stankovic (9741251) 15 December 2020 (has links)
With technology advancements and the prices of electronic components reducing over the last fifteen years, many devices and systems that would have been proprietary only for large companies or industry giants are becoming an everyday household item. Various areas of technology have been benefiting from this but one of the biggest is the Internet of Things (IoT).With the prevalence of IoT, it has been integrated into houses, small businesses, farms, agriculture, building automation, etc. and the user population is now a resource to the industry as they complete personal projects. Within any project there are always limitations, this might be a limited time, limited funds, limited distance, or limitations of the devices being used. This study proposes to evaluate two low-powered networks, Narrowband Internet of Things (NB-IoT)and Long-Range Wide-Area Network(LoRaWAN), in different environments with the goal of understanding where the signal propagation is better and what distances can be reached despite obstructions. Distances and signal propagations, when measured by the manufacturers are often evaluated in ideal conditions which is rarely the case when utilized in the field. This creates a gap in the deployment and the end-users are frequently faced with diminished performances. As IoT is predominantly employed in urban and rural areas this study will focus on those two settings by testing the Received Signal Strength Indicator (RSSI)at various distances. The evaluation testing of the two systems showed each system performing more consistently in rural areas but neither had 100% coverage at any locations.
|
10 |
Exploring Vulnerabilities and Security Schemes of Service-Oriented Internet 0f Things (IoT) ProtocolsKayas, Golam, 0000-0001-7186-3442 08 1900 (has links)
The Internet of Things (IoT) is spearheading a significant revolution in the realm of computing systems for the next generation. IoT has swiftly permeated various domains, including healthcare, manufacturing, military, and transportation, becoming an essential component of numerous smart devices and applications. However, as the number of IoT devices proliferates, security concerns have surged, resulting in severe attacks in recent years. Consequently, it is imperative to conduct a comprehensive investigation into IoT networks to identify and address vulnerabilities in order to preempt potential adversarial activities.
The aim of this research is to examine different IoT-based systems and comprehend their security weaknesses. Additionally, the objective is to develop effective strategies to mitigate vulnerabilities and explore the security loopholes inherent in IoT-based systems, along with a plan to rectify them.
IoT-based systems present unique challenges due to the expanding adoption of IoT technology across diverse applications, accompanied by a wide array of IoT devices. Each IoT network has its own limitations, further compounding the challenge. For instance, IoT devices used in sensor networks often face constraints in terms of resources, possessing limited power and computational capabilities. Moreover, integration of IoT with existing systems introduces security issues. A prime example of this integration is found in connected cars, where traditional in-vehicle networks, designed to connect internal car components, must be highly robust to meet stringent requirements. However, modern cars are now connected to a wide range of IoT nodes through various interfaces, thus creating new security challenges for professionals to address. This work offers a comprehensive investigation plan for different types of IoT-based systems with varying constraints to identify security vulnerabilities. We also propose security measures to mitigate the vulnerabilities identified in our investigation, thereby preventing adversarial activities. To facilitate the exploration and investigation of vulnerabilities, our work is divided into two parts: resource-constrained IoT-based systems (sensor networks, smart homes) and robustness-constrained IoT-based systems (connected cars).
In our investigation of resource-constrained IoT networks, we focus on two widely used service-oriented IoT protocols, namely Universal Plug and Play (UPnP) and Message Queue Telemetry Transport (MQTT). Through a structured phase-by-phase analysis of these protocols, we establish a comprehensive threat model that explains the existing security gaps in communications. The threat models present security vulnerabilities of service-oriented resource-constrained IoT networks and the corresponding security attacks that exploit these vulnerabilities. We propose security solutions to mitigate the identified vulnerabilities and defend against potential security breaches. Our security analysis demonstrates that the proposed measures successfully thwart adversarial activities, and our experimental data supports the feasibility of the proposed models.
For robustness-constrained IoT-based systems, we investigate the in-vehicle networks of modern cars, specifically focusing on the Controller Area Network (CAN) bus system, which is widely adopted for connecting Electronic Control Units (ECUs) in vehicles. To uncover vulnerabilities in these in-vehicle networks, we leverage fuzz testing, a method that involves testing with random data. Fuzz testing over the CAN bus is a well-established technique for detecting security vulnerabilities in in-vehicle networks. Furthermore, the automatic execution of test cases and assessment of robustness make CAN bus fuzzing a popular choice in the automotive testing community. However, a major drawback of fuzz testing is the generation of a large volume of execution reports, often containing false positives. Consequently, all execution reports must be manually reviewed, which is time-consuming and prone to human errors. To address this issue, we propose an automatic investigation mechanism to identify security vulnerabilities from fuzzing logs, considering the class, relative severity, and robustness of failures. Our proposed schema utilizes artificial intelligence (AI) to identify genuine security-critical vulnerabilities from fuzz testing execution logs. Additionally, we provide mechanisms to gauge the relative severity and robustness of a failure, thereby determining the criticality of a vulnerability. Moreover, we propose an AI-assisted vulnerability scoring system that indicates the criticality of a vulnerability, offering invaluable assistance in prioritizing the mitigation of critical issues in in-vehicle networks. / Computer and Information Science
|
Page generated in 0.0178 seconds