University of Twente Student Theses

Login

IOT device profiling for Honeypot generation

Karchev, F. (2019) IOT device profiling for Honeypot generation.

[img] PDF
2MB
Abstract:In the next year(2020) it is estimated that there will be more than 20 billions IOT devices[1]. Some of the areas they can be found are: home automation, industrial sector, automated vehicles and much more. The diversity of functionalities they posses facilitate many tedious daily tasks, or improve significantly our productivity. The easy access and control over these "things" change the way we communicate with other people and the world around us. However, this expansion of connectivity hides many new risks that have not been observed before. Due to the severe competition between IOT manufactures, many of them decide that they will have success when they reduce the price of their products. To do so, they reduce the quality of the hardware components they use and skip important software development practises just to reach the market as soon as possible. Hence, their products become insecure and potential victims to cyber criminals. From decades cybersecurity experts are trying to protect the digital world from every new threat that the hackers create. That constant battle between "good" and "evil" has significantly changed the security features involved in the technologies used today. To successfully react to new challenges, the security experts need to understand what are the intentions of an attackers and how they try to penetrate given product. One approach that can answer these questions without risking the security of a real product is using honeypots. A honeypot is a virtual clone of a given device or a service that aims to trick the attacker to believe that have hacked the targeted device. Then the honeypot is able to determine what actions are being performed from the hacker and possible to collect any files that the attacker has uploaded. But in order to successfully fool the hacker, the honeypot should work as close as possible as the original device. Such similarity requires knowledge of the technology the device is using and the services it provides. In this document we will refer to this knowledge as the profile of the device. However, there are thousands of types of IOT devices and this makes it impossible to have a profile for every one of them. In this document I will present the results of a research I have conducted over how IOT devices can be profiled. I will use my findings to create a first prototype of an IOT Profiler project. I will use the obtained profile to configure another project called the server. The server then will be able to generate a virtual copy of the device. Furthermore, I will use different approaches and penetration testing tools to compare the results from the original IOT device and the created honeypot. Finally, I will explain how such profile should be extended in the future to optimize its performance and results.
Item Type:Essay (Master)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:https://purl.utwente.nl/essays/79167
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page