Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Dynamic Intelligence Gathering on The Internet of Things
Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology.
2019 (English)Independent thesis Advanced level (professional degree), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Society is connecting more and more devices to the internet. There are many benefits to using connected devices, such as continuous monitoring of critical systems, easy access from various locations and device data collection. The backside of all of these interconnected devices are cyber security vulnerabilities. Penetration testers are professionals working to secure the connected society from cyber attacks. An attempt at preparing penetration testers and facilitating their work of securing connected devices and systems using connected devices by compiling a list of popular communication protocols has been made. The analysed communication protocols are: Zigbee, MQTT, AMQP, LoraWAN, 6LoWPan, Bluetooth/Bluetooth low energy, ANT, Enhanced Shockburst, Long term evolution and Z-wave. The compilation includes the protocol architecture, known vulnerabilities and tools for penetration testing. The compiled information can be used to scope which knowledge and tools might be required to perform a security analysis of a device or setup running one of the analysed protocols. Cyber attacks and counter measures are constantly evolving therefore a method for continuous updating of this compilation has been proposed. If an information bank on vulnerabilities and tools is to be useful in the future, updating and reviewing needs to be incorporated in the work flow to ensure that the most recent vulnerabilities and tools are included. By keeping an updated information bank, knowledge can be shared between penetration testers and continuously expanded.

Place, publisher, year, edition, pages
2019. , p. 77
Series
UPTEC IT, ISSN 1401-5749 ; 19014
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:uu:diva-393280OAI: oai:DiVA.org:uu-393280DiVA, id: diva2:1352431
Educational program
Master of Science Programme in Information Technology Engineering
Supervisors
Examiners
Available from: 2019-09-18 Created: 2019-09-18 Last updated: 2019-09-18Bibliographically approved

Open Access in DiVA

fulltext(1274 kB)12 downloads
File information
File name FULLTEXT01.pdfFile size 1274 kBChecksum SHA-512
275333e0d093672a3505b5b6529fd54cb83c5f3951c868abbbf804497725e6261b3032210a018077420d2a93ff1dbad7c327206e8bbe75cabfd10aafc1c1ef08
Type fulltextMimetype application/pdf

By organisation
Department of Information Technology
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 12 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 23 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf