Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Finding Vulnerabilities in IoT Devices: Ethical Hacking of Electronic Locks
KTH, School of Electrical Engineering and Computer Science (EECS).
KTH, School of Electrical Engineering and Computer Science (EECS).
2019 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Internet of Things (IoT) devices are becoming more ubiquitous than ever before, and while security is not that important for every type of device, it is crucial for some. In this thesis, a widely available Bluetooth smart lock is examined through the lens of security. By using well-known attack methods, an attempt is made to exploit potential vulnerabilities in the system.The researched lock was found to have design flaws that could be considered low-impact vulnerabilities, but using the system without these flaws in mind could lead to harmful outcomes for the lock owner.Except for the design flaws, no real security problems were discovered, but the methods used in this thesis should be applicable for further IoT security research.

Abstract [sv]

IoT-apparater blir allt mer vanliga i samhället. Det är inte ett krav för alla typer av apparater att ha stark säkerhet, men för vissa är det helt avgörande. I denna avhandling undersöks ett allmänt tillgängligt Bluetooth-smartlås utifrån ett säkerhetsperspektiv. Genom att använda välkända angreppsmetoder görs det ett försök att utnyttja potentiella sårbarheter i systemet.Låset visade sig ha designfel som skulle kunna betraktas som sårbarheter med låg hotnivå, men att använda systemet utan dessa designfel i åtanke skulle kunna leda till farliga påföljder för låsägaren.Förutom designfelen upptäcktes inga riktiga säkerhetsproblem, men metoderna som används i denna avhandling bör vara tillämpliga för ytterligare säkerhetsforskning inom IoT.

Place, publisher, year, edition, pages
2019. , p. 23
Series
TRITA-EECS-EX ; 2019:311
Keywords [en]
ethical hacking; penetration testing; electronic locks; internet of things; iot; threat modeling; security
Keywords [sv]
etisk hacking; penetrationstestning; elektroniska lås; sakernas internet; iot; hotmodellering; säkerhet
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:kth:diva-254667OAI: oai:DiVA.org:kth-254667DiVA, id: diva2:1334605
Supervisors
Examiners
Available from: 2019-07-03 Created: 2019-07-03 Last updated: 2019-07-03Bibliographically approved

Open Access in DiVA

fulltext(475 kB)96 downloads
File information
File name FULLTEXT01.pdfFile size 475 kBChecksum SHA-512
f99c345e604e5d0d789bff718fc8bf1cafc31e5698187ef2c6baf61c3b65d23abec2cd675c03ccb29d70dcd796b851e5a5996c8c5941cc995ecdd2a6546f98b6
Type fulltextMimetype application/pdf

By organisation
School of Electrical Engineering and Computer Science (EECS)
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 96 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 302 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf