Network security is becoming more and more opaque. Most ordinary internet users, while they may not be aware of network security problems, are not protected against unknown users connecting to their internet. This is both a security and a privacy concern for internet users. Our inspiration for this project was originally to help people protect against potential robberies by detecting bluetooth or wireless connection signals from the would-be robbers' phones. However, after starting the project and considering different ideas, the team switched to a device that would help network security.
What it does
Our WiFi/Bluetooth honeypot is a Raspberry Pi (RasPi) that passively detects unknown devices within a well-defined area. The user can register known devices that to ignore while focusing on the unknown devices. Once the RasPi detects a MAC address of an unknown device within the radius trying to connect to its sandboxed wireless access point, Home Honeypot will send a push notification to the user's phone. The user registers the known devices using a locally hosted website on the RasPi, so the device is very easy to set up. The RasPi simply has to be connected to a router using ethernet and it will immediately start to detect devices around it.
How we built it
We used a Raspberry Pi (RasPi) to set up the honeypot that detects MAC address of devices in a given area. The RasPi has both a Bluetooth and WiFi adapter connected to it, so it detects both signals. The known devices can be inputted into Home Honeypot using a locally hosted website containing a form which stores data as a JSON file containing known users of the network. The website is hosted using a Python server running locally on the Pi and is not visible from either the unsecured network or the internet. All data is also stored locally, reducing the attack surface for attackers, as there's no central service to be hacked. The MAC addresses of the devices around the RasPi are then compared the to the MAC addresses of the known users. If there are any unknown devices connected to or near the network, the RasPi will send out a push notification using the Pushbullet API for Android and the unknown users are shown the user on the website.
Challenges we ran into
One major challenge that the team faced was finding hardware that would fulfill the needs of the project. The initial bluetooth and the wifi adapters did not provide enough configurability. A great deal of time was spent trying to solve this problem using the initial adapters, but eventually the team decided to go out and purchase better hardware. Another problem that the team faced was thinking of a practical idea for the hackathon. The team wanted to spend the time at the hackathon creating a project that would be pragmatic and useful for the world, but also feasible to make in the 36 hours of the event.
Accomplishments that I'm proud of
Being able to sniff for valid MAC addresses and parsing through them was a big accomplish for the team. Additionally, most of the team had not worked on a hardware hack before, so setting up the correct kernel modules for the RasPi and getting the adaptors working were accomplishments for the entire team.