Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
IoT Penetration Testing: Hacking an Electric Scooter
KTH, School of Electrical Engineering and Computer Science (EECS).
KTH, School of Electrical Engineering and Computer Science (EECS).
2019 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

The industry of the Internet of Things (IoT) is a burgeoning market. A wide variety of devices now come equipped with the ability to digitally communicate to a wider network and modern electric scooters are one such example of this trend towards a more connected society. With scooter ride-share companies continually expanding in urban areas worldwide these devices are posing a greater attack surface for hackers to take advantage of. In this report we utilize threat modelling to analyse the potential vulnerabilities in a popular electric scooter. Through penetration testing we demonstrate the existence of major security flaws in the device and propose ways in which manufacturers may guard against these exploits in the future.

Abstract [sv]

Internet-of-Things (IoT) växer globalt. Många produkter kommer utrustade med förmågan att digitalt kommunicera med olika nätverk och moderna elektroniska sparkcyklar är ett exempel på denna trend som går mot ett mer uppkopplat och sammankopplat samhälle. I och med att antalet företag som tillhandahåller elsparkcykeltjänster i urbana miljöer över världen växer, så blir dessa produkter ett större mål för hackare att utnyttja. I denna rapport använder vi hotmodellering för att analysera potentiella sårbarheter i en populär elsparkcykelmodell. Genom att penetrationstesta produkten demonstrerar vi allvarliga säkerhetsfel och föreslår förhållningssätt som tillverkare kan ta hänsyn till för att undvika framtida attacker.

Place, publisher, year, edition, pages
2019. , p. 31
Series
TRITA-EECS-EX ; 2019:220
Keywords [en]
Internet of Things, penetration testing, threat modelling, ethical hacking
Keywords [sv]
Internet of Things, penetrationstestning, hotmodellering, etisk hackning
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:kth:diva-254613OAI: oai:DiVA.org:kth-254613DiVA, id: diva2:1334205
Supervisors
Examiners
Available from: 2019-07-02 Created: 2019-07-02 Last updated: 2019-07-02Bibliographically approved

Open Access in DiVA

fulltext(1998 kB)339 downloads
File information
File name FULLTEXT01.pdfFile size 1998 kBChecksum SHA-512
65b1f17ab475a178be9b91fb7d6954d3de38d39abb55b8c3e03b57b1f9d1f9f6801befb7232028ea2c1daf081c314b8cebde7ad2a89596c319171709e576529a
Type fulltextMimetype application/pdf

By organisation
School of Electrical Engineering and Computer Science (EECS)
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 339 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 294 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf