Render 2016
Portfolio
  • Slider Image
    Low Shien Kiat
  • Slider Image
    Bijjala Naga Krishna Suteja
  • Slider Image
    Cheong Zun Jie
  • Slider Image
    Darren Neo

IoT Honeypot

Categories

Course & option:
Diploma in Infocomm Security Management

Project Title
IoT Honeypot

Team Members
Low Shien Kiat, Darren Neo, Bijjala Naga Krishna Suteja, Cheong Zun Jie

Internal Supervisor
Dr. Lu Liming (lu_liming@sp.edu.sg)

External Supervisor
Mr. Christopher Lek (The Honeynet project- Singapore Chapter)

Technology Used
HTTP, SSH, XMPP, Raspberry Pi, Python

Background:
A study released by Hewlett-Packard found that 70% of devices connected to the Internet are vulnerable to some form of attack. With the exponential growth of “Internet of Things”, there is a rising concern on the increasing attack vectors for attackers into user devices. In order to study attacker methods and to facilitate the collection of the statistics of such attacks, we have made a honeypot that can emulate IoT services. This will allow us to understand the new threat landscape of IoT.

Description:
The project aims to deliver an Internet of Things Honeypot, where an internet of thing will be simulated. For the project, a webcam interface will be simulated and hosted on a server which is open to the outside world, so that it will attract attackers to the interface, where their activities will be logged down. Anything attackers try to do, be it uploading malicious files, trying to redirect to another page, will be recorded down and analyzed. The webcam interface will be simulated via HTTP, where it will display a live footage of a webcam stream, such that it will be the main attraction of attackers. Not only HTTP, protocols such as SSH and XMPP will also be tested on. The data these protocols have collected will be analyzed to derive the pattern and forms of attacks that are currently being used. Not only the project aims to deliver a product, it will also spread awareness to the public that Internet of Things are not completely secure, attacks are commonly performed under the cloud. Therefore, honeypot can be used to derive the commonly used attacks and their methods, where countermeasures can be implemented to prevent them from happening.

Potential Opportunities:
These honeypots can be a useful tool for determining the weaknesses of an IoT protocol and for the testing of these protocols. They can help us map out the threat landscape for IoT devices, allowing for increased awareness in the Industry.

 



 

Client

Confidential

Date

Undated