Details

Simulacija napada na komercialne sisteme IoT
ID Brataševec, Kristjan (Author), ID Pesek, Matevž (Author)

.pdfPDF - Presentation file, Download (3,62 MB)
MD5: 8EA4974783BEE51D7F49B3B01BBCAB5D
URLURL - Source URL, Visit https://uporabna-informatika.si/ui/article/view/252 This link opens in a new window

Abstract
Internet stvari ali IoT (Internet of Things) definira pametne naprave s senzorji in programsko opremo, ki se povezujejo z drugimi napravami in sistemi, za potrebe analize, nadzora ter avtomatizacije podatkov. Primeri takšnih naprav so pametne luči, pametni pralni, sušilni, pomivalni stroji, termostati, varnostne kamere za domove in druge, ki jih je večinoma mogoče enostavno upravljati tudi preko mobilnih aplikacij. Zaradi cenovne dostopnosti in naraščajoče razširjenosti teh naprav so vse pogostejše tudi težave, povezane s pomanjkljivimi podatkovnimi nabori in odsotnostjo avtomatiziranih posodobitev, kar predstavlja ključen varnostni in funkcionalni dejavnik zlasti pri napravah, ki so nenehno povezane z internetom. Napadalci lahko takšne varnostne pomanjkljivosti izkoristijo za nepooblaščeno zbiranje osebnih podatkov, onemogočanje delovanja naprav ali za zlorabo njihove računske moči naprave za vzpostavitev širših omrežij okuženih naprav (angl. botnet). Članek obravnava kritične probleme naprav skozi različne napade in njihov obseg ter strategije za obvladovanje ter preprečevanje napadov IoT. Dodatno analizira tudi večje pretekle napade, na primeru široko dostopnih naprav, kot so pametne žarnice in prezračevalni sistemi, pa prikaže enostavnost izvedbe napada. Prispevek kritično ovrednoti tudi trenutni trend nadomeščanja enostavnih naprav s “pametnimi” različicami, ki zaradi večje kompleksnosti in pomanjkljive varnostne zasnove postaja vse večji in težje obvladljiv varnostni izziv sodobnega digitalnega okolja.

Language:Slovenian
Keywords:IoT, napadi DoS, napadi s ponavljanjem, napadi zaradi slabe avtentikacije, obramba pred napadi
Work type:Article
Typology:1.01 - Original Scientific Article
Organization:FRI - Faculty of Computer and Information Science
Publication status:Published
Publication version:Version of Record
Year:2025
Number of pages:16 str.
Numbering:Letn. 33, št. 3
PID:20.500.12556/RUL-176620 This link opens in a new window
UDC:004.056.5:004.738.5
ISSN on article:1318-1882
DOI:10.31449/upinf.252 This link opens in a new window
COBISS.SI-ID:257721603 This link opens in a new window
Publication date in RUL:05.12.2025
Views:51
Downloads:12
Metadata:XML DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Record is a part of a journal

Title:Uporabna informatika
Shortened title:Uporab. inform.
Publisher:Slovensko društvo Informatika
ISSN:1318-1882
COBISS.SI-ID:36338688 This link opens in a new window

Licences

License:CC BY 4.0, Creative Commons Attribution 4.0 International
Link:http://creativecommons.org/licenses/by/4.0/
Description:This is the standard Creative Commons license that gives others maximum freedom to do what they want with the work as long as they credit the author.

Secondary language

Language:English
Title:Attack simulation on commercial IoT systems
Abstract:
Internet of Things (IoT) defines smart devices with sensors and software that connect to other devices and systems for data analysis, control, and automation purposes. Examples of such devices include smart lights, smart washers, dryers, dishwashers, thermostats, home security cameras, and other devices, most of which can be easily controlled via mobile applications. Due to the affordability and increasing prevalence of such devices, problems related to incomplete data sets and the absence of automated updates are also becoming more common, which is a key security and functional factor for devices that are constantly connected to the Internet. Attackers can exploit such security flaws to unlawfully collect personal data, disable devices, or misuse their computing power to build larger networks of infected devices (botnets). The article discusses critical device problems through various attacks and their scope, as well as strategies for managing and preventing IoT attacks. It also analyses major past attacks, and using widely available devices such as smart light bulbs and ventilation systems, it demonstrates the ease of attack implementation. The paper also critically evaluates the current trend of replacing simple devices with “smart” versions, which, due to increased complexity and inadequate security design, is becoming an increasingly challenging and difficult-to-manage security issue in the modern digital environment.

Keywords:IoT, DoS attacks, replay attacks, weak authentication attacks, defense against attacks

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back