CSI1209-07 IoT Security


 
Name: Amreen Deeba

Role: Project Coordinator

  • Currently pursuing an Advanced Diploma in Computer Security and Investigations at Sir Sandford Fleming College; holds a B.Sc. (Mathematics) degree.
  • Capable of providing technical assistance
  • Skilled at assessing technical risk and developing systems and processes to manage the risks associated with information technology.
Name: Brij Patel

Role: Project Manager

  • Currently pursuing Advanced diploma in Computer Security and Investigations at Fleming College
  • Extensive knowledge of securing devices
  • Good at managing a team and making sure that all the tasks are completed efficiently
  • Ability to remain focused in times of crisis
  • Adaptive to the ever-changing field of cyber-security
Name: Samreetinder Kaur

Role: IT Manager

  • Currently pursuing advanced diploma in Computer Security and Investigations at Fleming College
  • Strong understanding of existing and emerging Information Security technologies
  • Good at programming/scripting languages such as Python.
  • Excellent communication skills with an analytical mindset

 

 


Team Name:

Security and Beyond

Team Members Names:

Amreen Deeba, Brij Patel, Samreetinder Kaur

Program of Study:

Computer Security and Investigations

Mentor Name:

Mamdouh Mina

Project Name:

IoT Security

Sponsor Name:

Mamdouh Mina



Sponsor Organisation:

Sir Sandford Fleming College


Brief Description Of Project:

The primary purpose of our project is to research compromised IoT devices, create a best practices guide to secure IoT devices, and configure a Raspberry Pi device that can monitor a home network and detect any signs of compromise on those devices. The device should also keep its protections current so that it can safely defend against any newer vulnerabilities or exploits.

Project Objective:

  • To research reports on compromised IoT devices.
  • To research and document the vulnerabilities in IoT devices and how they were exploited.
  • To find the indicators of compromise in the exploited devices.
  • To research mitigations.
  • To develop a Raspberry Pi device into a monitoring device that is capable of monitoring devices connected to a network for any signs of compromise.

Project Innovation:

  • We used the Raspberry Pi device as it is affordable, easy to configure and contains all the basic fundamentals of a computer.
  • The software we used was Kismet, as it is open source and has a graphical user interface that makes it easier for a normal user to understand.
  • Kismet integrates two different monitoring methods, for WiFi and Bluetooth devices, so the user does not have to worry about using a different method for tracking Bluetooth devices in their environment.
  • Using Shodan as a second layer of security helps us make sure that even if a malicious signature or indicator of compromise passes through Kismet, it will be detected by the Shodan CLI, so the user can take subsequent measures to prevent any compromise of the devices.

Challenges & Solutions:

The main challenge for us was to decide which software to use and to test its compatibility with the Raspberry Pi. Some of the software that we thought would be the best choice for us was not working well on the Raspberry Pi because it is an ARM-based architecture. The software and tools that we tested, and the problems that we faced, are as follows:

  • Bro IDS or Zeek IDS: some problems with prerequisites.
  • OpenVAS: the biggest problem was that it wasn’t compatible with the configuration of the Raspberry Pi. The Raspberry Pi wasn’t able to handle the vulnerability scanner with its processing power.
  • Nmap: it was working fine, but we didn’t think it was convenient, so we decided to explore further.
  • NEMS Linux with Cacti: it is excellent for network monitoring but won’t work for intrusion detection.
  • Snort: it was monitoring perfectly in a virtual environment. Initially we tried to compile Snort in Kali Linux OS on the Raspberry Pi, but it did not even start. Then we compiled Snort in Raspbian; it compiled and started well, but it was detecting only the packets that are on the server. Though we turned on promisc mode, it was not able to detect the packets of other devices on the network.
  • Shodan: it was also a great choice, as it works great for devices connected to the internet, but not for Bluetooth devices. We liked working with Shodan and decided to keep it as a secondary method for this project.
  • Kismet: initially, we encountered many problems with Kismet, but we found it was a perfect fit for our project after trying different operating systems. We tried Kismet on Raspbian, but we could not enable the monitoring mode for wlan0. By switching the operating system to Kali, we solved this problem, and it works great for both Bluetooth and WiFi connected devices.

Project Results or Progress:

We managed to configure a Raspberry Pi device with the Kismet intrusion detection system, which can monitor a home network in real time, looking out for any signs of compromise; upon detection, it would immediately notify the user of the infected device(s). Along with monitoring WiFi devices, it will also audit Bluetooth devices. It also shows vital information about the devices, such as their manufacturer’s name, the date and time of first detection, whether the data packets transferring through them are encrypted, the number of packets and much more. It also allows us to configure a list of valid MAC addresses for a given SSID to detect spoofed SSID attacks. In addition, the Shodan CLI helps us monitor our network remotely and keeps us informed when any new service or vulnerability gets detected on our IP address.
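
The valid-MAC-per-SSID check mentioned above, written out as an added Python example. It is not Kismet's code or configuration and not the team's own work; the SSIDs, MAC addresses, function names and sample observations are constructed for illustration.

```python
"""SSID allowlist check: flag a protected SSID advertised from an unlisted MAC."""
import re

# Hypothetical allowlist: SSID -> MACs of the access points that legitimately serve it.
VALID_MACS = {
    "HomeNet": {"02:00:00:aa:bb:01", "02:00:00:aa:bb:02"},
    "HomeNet-IoT": {"02:00:00:aa:bb:03"},
}

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")


def normalize_mac(mac):
    """Lower-case and unify separators so 02-00-00-AA-BB-01 matches 02:00:00:aa:bb:01."""
    mac = mac.strip().lower().replace("-", ":")
    if not MAC_RE.match(mac):
        raise ValueError(f"malformed MAC address: {mac!r}")
    return mac


def find_spoofed_ssids(observations, allowlist):
    """Return one alert per (ssid, mac) pair that advertises a protected SSID
    from a MAC that is not on that SSID's allowlist."""
    allow = {ssid: {normalize_mac(m) for m in macs} for ssid, macs in allowlist.items()}
    alerts, seen = [], set()
    for obs in observations:
        ssid = obs["ssid"]
        if ssid not in allow:          # SSID we do not protect: ignore
            continue
        mac = normalize_mac(obs["mac"])
        if mac in allow[ssid] or (ssid, mac) in seen:
            continue
        seen.add((ssid, mac))          # a beaconing AP repeats; alert once
        alerts.append({"ssid": ssid, "mac": mac, "first_seen": obs["time"]})
    return alerts


# Constructed sample observations (not captured traffic).
SAMPLE = [
    {"time": "2021-04-01T10:00:00", "ssid": "HomeNet", "mac": "02:00:00:AA:BB:01"},
    {"time": "2021-04-01T10:00:05", "ssid": "HomeNet", "mac": "02-00-00-CC-DD-99"},
    {"time": "2021-04-01T10:00:06", "ssid": "Neighbour", "mac": "02:00:00:11:22:33"},
    {"time": "2021-04-01T10:00:09", "ssid": "HomeNet", "mac": "02:00:00:cc:dd:99"},
    {"time": "2021-04-01T10:00:12", "ssid": "HomeNet-IoT", "mac": "02:00:00:aa:bb:03"},
]

if __name__ == "__main__":
    for alert in find_spoofed_ssids(SAMPLE, VALID_MACS):
        print("possible spoofed SSID:", alert)
```

A MAC address can itself be forged, so a clean result from this check only shows that no unlisted address advertised the SSID.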


Lessons Learned:

  • Communication plays a crucial role when accomplishing a team project.
  • Always research and consider the technical limits of the devices and tools for a project like ours.
  • There is sometimes more than one way to achieve a goal; if you are stuck at one point, try to find an alternate path to reach the same goal.
  • When working on a project like IoT security, where the prototype concerned will be responsible for the cyber security of various devices, it is important to try one’s hand at all the available options to come up with the software or service that is best fit for purpose.
  • IoT devices certainly can bridge the gap between the physical and virtual worlds but at the same time we need to make sure that they are deployed and maintained securely so as to avoid any breaches.
