Пожалуйста, используйте этот идентификатор, чтобы цитировать или ссылаться на этот ресурс: https://r.donnu.edu.ua/handle/123456789/2820
Полная запись метаданных
Поле DCЗначениеЯзык
dc.contributor.authorБарибін, Олексій Ігорович-
dc.date.accessioned2023-05-02T12:23:49Z-
dc.date.available2023-05-02T12:23:49Z-
dc.date.issued2019-
dc.identifier.issnISSN 2663 - 4023-
dc.identifier.otherDOI 10.28925/2663-4023.2019.6.7181-
dc.identifier.otherУДК 004.05-
dc.identifier.urihttps://r.donnu.edu.ua/handle/123456789/2820-
dc.descriptionСтаття у науковому виданні Кібербезпека: освіта, наука, техніка № 2 (6), 2019 Київського університету імені Бориса Гринченкаen_US
dc.description.abstractIn the paper analysis of current trends in IoT technologies enabled us to identify a segment for which information security assurance may encounter a lack of its level. These are IoT devices based on ESP32 microcontroller, that designed and implemented at home by non-professionals. The physical model of a handmade IoT system that includes device for measuring temperature based on ESP32 (small-sized ESP32-based development board ESP32 devKit V2 produced by Espressif and digital temperature sensor DS18B20), WiFi home network (based on router TL-WR841N) and web interface (based on node-red-dashboard) was proposed and implemented upon laboratory scale. The initial conditions of the experiment included the following: the use of the UDP protocol, authentication and data encryption based on WPA2-PSK specification, attacker skill level sufficient for use Aircrack-ng tools, Airmon-ng, Airodump-ng, Aireplay-ng, Besside-ng, Wireshark. The result of the experiment based on this model to attempt to gain unauthorized access to the transmitted data was successful. Attack scenario was formulated and consist of four stages: 1 – gaining unauthorized access to a network (network card transfers to monitor mode (Airmon-ng), view available access points (Airodump-ng), handshake interception, guessing the password (Besside-ng); 2 – network traffic interception and analysis (Wireshark); 3 – creating fake ESP32 client using the captured data (Arduino) and connect it to the network; 4 – disconnecting original ESP32 from a server (Aircrack-ng). It is shown that the attacker, who has the basic knowledge and skills in working with common wireless network hacking tools and a basic knowledge of ESP32 and ESP32 programming skills can access the system and send fake information to the web interface. To reduce the probability of the proposed scenario it is recommended to use TCP protocol, which is in contrast to UDP ensures data integrity and sender notification of transmission results.en_US
dc.publisherКиїв: Київський університет імені Бориса Гринченкаen_US
dc.relation.ispartofseriesКібербезпека: освіта, наука, техніка;№ 2 (6), 2019, с. 71-81-
dc.subjectінтернет речейen_US
dc.subjectсценарій атакиen_US
dc.subjectESP32en_US
dc.subjectWiFien_US
dc.subjectInternet of Thingsen_US
dc.subjectattack scenarioen_US
dc.titleТЕСТУВАННЯ БЕЗПЕКИ ПРИСТРОЇВ ІНТЕРНЕТУ РЕЧЕЙ НА БАЗІ МІКРОКОНТРОЛЕРА ESP32en_US
dc.title.alternativeTESTING THE SECURITY ESP32 INTERNET OF THINGS DEVICESen_US
dc.typeArticleen_US
Располагается в коллекциях:Бібліографічні матеріали

Файлы этого ресурса:
Файл Описание РазмерФормат 
Барибін 11.pdfСтаття у науковому виданні Кібербезпека: освіта, наука, техніка № 2 (6), 2019 Київського університету імені Бориса Гринченка1,43 MBAdobe PDFПросмотреть/Открыть


Все ресурсы в архиве электронных ресурсов защищены авторским правом, все права сохранены.