VULNERABILITY DETECTION AND RESOLUTION IN INTERNET OF THINGS (IoT) DEVICES
Ogunnaike, Ruth Motunrayo
MetadataShow full item record
The use of Internet of Things (IoT) devices has grown significantly in the past decade. While IoT is expected to improve life for many by enabling smart living spaces, the number of security risks that consumers and businesses face is also increasing. A high number of vulnerable IoT devices are prone to attacks and easy exploit. Previous researches has focused on security that must be implemented by administrators and manufacturers to be effective. This research propose a system that does not rely on best practices by IoT device companies, but rather allows inexperienced users to be confident about the security of the devices that they add to their network. This research presents an implementation of an IoT architectural framework, called SeeSec, based on Software Defined Networking (SDN) paradigm. In this architectural framework, IoT devices attempting to join an IoT network are scanned for vulnerabilities using custom vulnerability scanners and penetration testing tools before allowing communication with other devices in the network. In the case that a vulnerability is detected, the system will try to fix the vulnerability. If the fix fails, the user will be alerted to the vulnerability and provided with suggestions for fixing it before the device will be allowed to join the network. SeeSec is built on both existing corporate vulnerability scanners, and custom scanners to run security scans in the IoT devices. The research aim to build a user friendly system that makes it easy for non-technical users to understand the suggestions provided by the system to resolve detected vulnerabilities that the system is unable to resolve automatically.