Tesis Telecomunicaciones

Permanent URI for this collectionhttp://repositorio.uta.edu.ec/handle/123456789/34848

Browse

Filters

20242

Settings

Subject: search.filters.subject.PRUEBAS DE PENETRACIÓN

Search Results

Now showing 1 - 2 of 2
  • No Thumbnail Available
    Item
    Honeynet para análisis, evaluación y tratamiento de riesgos cibernéticos en un sistema iot
    (Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Telecomunicaciones, 2024-08) Acosta Proaño, Yulisa Francisca; Sánchez Zumba, Andrea Patricia
    The security of home IoT systems is critical for protecting sensitive data and ensuring the integrity, availability, and confidentiality of information and devices. Nessus was utilized to analyze the vulnerabilities of the most common smart devices on the market. Based on these findings, a Honeynet was designed to expose these vulnerabilities and illustrate potential attacks on home IoT devices. Penetration tests were conducted to assess the security of devices within the home IoT system, as well as tests through the Honeynet, which included WiFi network hacking and control of IoT devices from the LAN. The honeypots deployed in the project are ConPot and CitrixHoneypot, which logged exploits of vulnerabilities CVE-2013-2566 and CVE-2015-2808. Additionally, a custom honeypot in Python was created to capture TCP SYN Flooding DoS attacks on port 6668/TCP utilizing the IRC service. The results of these tests were crucial in developing a risk treatment plan, based on a baseline model for data security, privacy of individuals, and IoT devices in home environments. A GAP analysis was conducted to determine the current state of the system. The risk treatment plan proposes specific controls and policies to mitigate identified risks and enhance the security of the IoT system, ensuring continuous and robust protection for IoT devices in smart homes.
  • No Thumbnail Available
    Item
    Soluciones de seguridad en sistemas iot de hogares inteligentes para mitigar riesgos y vulnerabilidades mediante la realización de pruebas de penetración
    (Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Telecomunicaciones, 2024-02) Araujo Robalino, María Isabel; Cuji Rodríguez, Julio Enrique
    The Internet of Things (IoT) is revolutionizing the intercommunication between smart home devices. However, the security of these systems faces security challenges as more devices are incorporated, so effective solutions are needed to protect sensitive data and information integrity. The IoT system designed for this research is made up of a variety of devices common in smart homes, such as lights, switches, plugs, security cameras, motion sensors, and an "Alexa" voice assistant. Penetration testing on this system uses the Stride model, which analyzes six categories of threats: spoofing, data tampering, repudiation, information disclosure, denial of service, and elevation of privilege; to identify specific risks and vulnerabilities. Based on these results, measures are established to ensure the security of the system, including limiting access to authorized devices, assigning static IP addresses, and strong passwords in the router's configuration. In addition, specific tools are incorporated in the machine to monitor and control data traffic, allowing users to supervise their network’s status. The evaluation of the effectiveness of these measures reveals a mitigation of vulnerabilities of up to 64,052% in the total system. This highlights the effectiveness of the security measures applied. This high percentage of mitigation evidences the robustness of the system in protecting against possible attacks and guarantees a more secure environment for the system's IoT devices