Análisis de vulnerabilidades de internet de las cosas en casos de estudio de intrusión y detección en el laboratorio de sistemas embebidos, UPS Q-SUR

Abstract

The objective of this research work is to analyze the vulnerabilities of the internet of things for detection and intrusion in the UPS Q-SUR embedded systems laboratory. For which, it was divided into 3 types of networks according to their coverage, such as: WPAN with IoT Bluethoot modules, WLAN with ESP8266 module and WWAN with Lora TTGO ESP32 modules, which configure each of the networks through which it is transmitted. the data from the sensors (DHT11, MQ2, PIR). An attack is carried out on the WWAN and WPAN network from external sniffer modules such as nRF52840 and CatWAN USB Stick, respectively, and an ARP poisoning attack is carried out on the WLAN with the ettercap tool. Once the respective attacks have been carried out, the packets are monitored and captured by means of Wireshark to show if the data is encrypted or plain data, thus determining if there are vulnerabilities within each analyzed network. With the attack carried out on the network between ESP8266 and the gateway, a vulnerability was found when sending the data to the ThinkSpeak platform, evidencing plain ion.