Enterprise IoT Device Visibility
Ho, Dung (2021)
2021
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
http://urn.fi/URN:NBN:fi:amk-202102252699
http://urn.fi/URN:NBN:fi:amk-202102252699
Tiivistelmä
This thesis examines the common protocols that are used in Enterprise IoT devices, especially the Bluetooth protocol. Bluetooth is a wireless technology that had been used widely since it was introduced by Ericsson in 1994. There are also several vulnerabilities that need to be addressed.
It is very important to gain a better understanding of the Bluetooth protocol in an enterprise in order to implement a secure Intrusion Detection System (IDS) and optimize the use of these devices. The goal of the thesis was to provide Bluetooth visibility, to study threat scenarios arising from the use of IoT in the enterprise, and to examine how to extend a commercial IDS in the ICS.
The thesis presents the work by researching through various reputed magazines to collect all the IoT protocols and their specifications and a Bluetooth module is implemented in the ICSP - a specific system that had been developed by the commissioning company, Forescout Technologies Inc. The module was implemented by assessing each technology stack access such as Python, Lua, and specialized wireless access points like Cisco Meraki SDK, Aruba.
The final Bluetooth module functioned properly and I was able to retrieve the list of wireless devices with the principal information of each device. Despite that, this module is a small but important part of IDS whose purpose is to identify the assets, the first important phase in Threat modeling. For further development, the project can be implemented by using the Simple Network Management Protocol (SNMP), an effective way to monitor the local traffic. The whole module can be used to develop the IDS in various industries such as Energy, Water, Fleet, Healthcare.
It is very important to gain a better understanding of the Bluetooth protocol in an enterprise in order to implement a secure Intrusion Detection System (IDS) and optimize the use of these devices. The goal of the thesis was to provide Bluetooth visibility, to study threat scenarios arising from the use of IoT in the enterprise, and to examine how to extend a commercial IDS in the ICS.
The thesis presents the work by researching through various reputed magazines to collect all the IoT protocols and their specifications and a Bluetooth module is implemented in the ICSP - a specific system that had been developed by the commissioning company, Forescout Technologies Inc. The module was implemented by assessing each technology stack access such as Python, Lua, and specialized wireless access points like Cisco Meraki SDK, Aruba.
The final Bluetooth module functioned properly and I was able to retrieve the list of wireless devices with the principal information of each device. Despite that, this module is a small but important part of IDS whose purpose is to identify the assets, the first important phase in Threat modeling. For further development, the project can be implemented by using the Simple Network Management Protocol (SNMP), an effective way to monitor the local traffic. The whole module can be used to develop the IDS in various industries such as Energy, Water, Fleet, Healthcare.