IoTective: Automated Penetration Testing for Smart Home Environments

Kevin Nordnes; Jia-Chun Lin; Ming-Chang Lee; Victor Chang

doi:10.5220/0012554500003705

IoTective: Automated Penetration Testing for Smart Home Environments

Kevin Nordnes, Jia-Chun Lin, Ming-Chang Lee, Victor Chang

2024

Abstract

As the prevalence of Internet of things (IoT) continues to increase, there is a corresponding escalation in security concerns. Given that many IoT devices lack robust security features, the need for specialized security testing tools has become evident. In this paper, we introduce an open-source automated penetration testing tool named IoTective for smart home environments in response to the increasing security concerns surrounding IoT devices. IoTective aims to discover devices in Wi-Fi, Bluetooth, and Zigbee networks, identify vulnerabilities, and gather valuable information for further analysis. IoTective streamlines the initial stages of reconnaissance, planning, and scanning, which provides a good support for a variety of devices and protocols common used in smart home environments. With a focus on ease of use and flexibility, the tool provides an intuitive user interface and customizable scanning capabilities. We evaluated the effectiveness of IoTective and explored the impact on overall security posture. Ethical considerations for automated penetration testing are also discussed.

Download

Paper Citation

in Harvard Style

Nordnes K., Lin J., Lee M. and Chang V. (2024). IoTective: Automated Penetration Testing for Smart Home Environments. In Proceedings of the 9th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS; ISBN 978-989-758-699-6, SciTePress, pages 29-39. DOI: 10.5220/0012554500003705

in Bibtex Style

@conference{iotbds24,
author={Kevin Nordnes and Jia-Chun Lin and Ming-Chang Lee and Victor Chang},
title={IoTective: Automated Penetration Testing for Smart Home Environments},
booktitle={Proceedings of the 9th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS},
year={2024},
pages={29-39},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012554500003705},
isbn={978-989-758-699-6},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS
TI - IoTective: Automated Penetration Testing for Smart Home Environments
SN - 978-989-758-699-6
AU - Nordnes K.
AU - Lin J.
AU - Lee M.
AU - Chang V.
PY - 2024
SP - 29
EP - 39
DO - 10.5220/0012554500003705
PB - SciTePress