Johannes Olegård
The “internet of things” (IoT) is an ongoing trend where a multitude internet-connected devices become more common. Many of these devices have easily exploitable security vulnerabilities. This has led to large-scale cyberattacks such as the Mirai botnet Distributed Denial of Service (DDOS) attacks. More cybercrime can be expected in the future, especially as the number of IoT devices, and types of IoT devices, grow.
In this project, the security of an IoT ecosystem was investigated from two perspectives: security testing and Digital Forensics (DF).
Security testing was used to search the Application Programming Interfaces (APIs) of the IoT ecosystem for security vulnerabilities. Three Security Application Testing Tools (SAST) were used to search the source code of the cloud-part of the system. A manual review was done to search the system as whole, with the guide of common vulnerability lists from the Open Web Application Security Project (OWASP). As a result, severe security vulnerabilities were found.
A DF experiment was conducted where actions were taken in five Android smartphone apps to control six IoT devices (two are from aforementioned IoT ecosystem). The contents of the smartphone was then examined for forensic evidence of those actions. Additionally the contents one of the IoT devices was also examined for evidence. It was concluded that only limited evidence of the actions could be found. The challenges encountered were compared to the challenges described in the DF literature.