Security in home IoT environments

Abstract

This thesis investigates the overall security of home IoT environments and how to remediate most of the common security issues in IoT environments. The assumption is made that most IoT environments are poorly or lazily configured when it comes to security. The methods used to research the security are to read research papers on the topic and to run several malicious attacks based on the read material on an IoT environment. After running the different attack tests on the environment, the next step is remediating the security issues. The IoT environment is a home experiment environment, which is set up by using two Raspberry PI devices. The Raspberry PI devices use two sensors to gather data. The different attack tests performed on the environment are a wireless network breach, a DoS attack, and two brute-force attacks. The studied security mitigation techniques are HTTPS, stronger passwords, blocking unknown IP addresses, and locking user accounts after a certain number of failed credential checks. The found results were that all of the malicious attacks were successful on the environment. The security mitigations were also successful, enabling HTTPS in the environment, creating stronger passwords, and blocking unknown IP addresses helped securing the environment.