Inspiration

My inspiration came from a cybersecurity class in which we talked a lot about the rise of IoT devices and their vulnerabilities. As we become more and more connected to the internet in our daily lives, it is important to understand the possible vulnerabilities our personal data faces.

In addition to applications for individuals, I can see this product being used by corporations. More and more companies are adopting smart devices within their sites -- making it easier for cyber intruders to break in. I think it's necessary for companies to have a platform to monitor all the devices connected to their local networks and to manage each one's respective vulnerabilities. Just in my house alone, I discovered some devices that I had forgotten were connected!

The ruggedness in this software stems from the fact that it can be leveraged by an organization to build more efficient response times with regard to a vulnerability. This product can be used to identify a vulnerability in a device as soon as it is released, and the company can immediately take steps to secure it.

What it does

The program would first scan the network and create a list of connected devices consisting of their network device name, IP address, and MAC address. Then, using some fuzzy string searching and MAC/DHCP fingerprinting, each device would be identified with a high confidence level. The normalized device names would then be searched in the CVE database, and the script would return a 'Vulnerable' status if a relatively recent CVE is found for that device. Otherwise, 'OK' would be displayed. The statuses would be aligned with their normalized device names and displayed in a table.
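The pipeline described above, as an added example that is not the project's own code. It assumes Linux-style `arp -a` output, uses Python's standard-library `difflib` in place of a dedicated fuzzy-matching package, and relies on a hypothetical product catalogue and offline CVE index with placeholder IDs; the 'Unidentified' status for devices that cannot be named is also an assumption.

```python
import re
from datetime import date, timedelta
from difflib import get_close_matches

# Constructed sample, shaped like Linux `arp -a` output ("?" = no hostname).
ARP_OUTPUT = """\
acme-cam-livingroom.lan (192.168.1.23) at 02:00:5e:10:00:01 [ether] on wlan0
Examplcorp-Thermostat-2.lan (192.168.1.40) at 02:00:5e:20:00:02 [ether] on wlan0
? (192.168.1.77) at 02:00:5e:30:00:03 [ether] on wlan0
"""
# Hypothetical catalogue and offline CVE index (placeholder IDs, made-up dates).
CATALOGUE = ["Acme Smart Camera", "ExampleCorp Thermostat", "Initech Smart Plug"]
CVE_INDEX = {"Acme Smart Camera": [("CVE-PLACEHOLDER-0001", date(2024, 3, 10))],
             "ExampleCorp Thermostat": [("CVE-PLACEHOLDER-0002", date(2019, 1, 15))]}
ARP_LINE = re.compile(r"^(\S+) \(([\d.]+)\) at ([0-9a-fA-F:]{17})\b")

def parse_arp(text):
    """Return (hostname, ip, mac) for every line that looks like an ARP entry."""
    return [m.groups() for m in map(ARP_LINE.match, text.splitlines()) if m]

def tokens(name):
    """Lower-case alphanumeric tokens, minus DNS suffix noise."""
    return set(re.split(r"[^a-z0-9]+", name.lower())) - {"", "lan", "local"}

def normalize(hostname, min_score=0.5):
    """Best catalogue entry by share of its tokens fuzzily present in hostname."""
    host = list(tokens(hostname))
    def score(product):
        words = tokens(product)
        hits = [w for w in words if get_close_matches(w, host, n=1, cutoff=0.6)]
        return len(hits) / len(words)
    best = max(CATALOGUE, key=score)
    return best if score(best) >= min_score else None

def status(product, today, window_days=365):
    """'Vulnerable' if any indexed CVE was published within the window."""
    if product is None:
        return "Unidentified"  # assumption: never report an unknown device as OK
    cutoff = today - timedelta(days=window_days)
    hit = any(published >= cutoff for _, published in CVE_INDEX.get(product, []))
    return "Vulnerable" if hit else "OK"

def inventory(arp_text, today):
    """Rows of (normalized name, ip, mac, status) for the report table."""
    found = [(normalize(h), ip, mac) for h, ip, mac in parse_arp(arp_text)]
    return [(name, ip, mac, status(name, today)) for name, ip, mac in found]

if __name__ == "__main__":
    for row in inventory(ARP_OUTPUT, date(2024, 6, 1)):
        print("{!s:<24} {:<14} {:<18} {}".format(*row))
```

The third device has no hostname to match, so it is reported as 'Unidentified' rather than 'OK'; an inventory that defaults unknown devices to 'OK' hides exactly the forgotten devices the tool is meant to surface.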

How I built it

I built some parts of this app using Python and some basic Bash scripting. I leveraged tools such as nmap and arp to help identify devices.

Challenges I ran into

A big difficulty of this problem is isolating the device name and building a system to search within the CVE database.

Accomplishments that I'm proud of

I'm proud that I participated in this event and learned a lot from the lectures!

What I learned

Through my project, I learned a lot more about the process of fingerprinting through DHCP and MAC addresses. I think it's a really interesting subject because it is such a hot research area, with much to still be improved.

What's next for IoT Inventory Management & Security

More work on fuzzy string recognition and building a better system to parse an intelligible device name either from the device's name on the network or through ID information found by the nmap tool. I have experience doing fuzzy string recognition with Python packages such as fuzzywuzzy, and with not much more time, that could be implemented.

Additionally, there is more work and research to be done on utilizing a CVE database API.
