|
|
Automated cyber security tester for smart devices in industry
Dávidík, Roland ; Mlýnek, Petr (oponent) ; Lieskovan, Tomáš (vedoucí práce)
This diploma thesis explains the principle of SCADA systems and describes the DLMS/COSEM protocol. In the next part, it shortly describes the Modbus protocol and details the pros and cons of the Modbus protocol in comparison with the DLMS/COSEM protocol. In the next part, an open-source automated scanner was created. This scanner detects devices in a laboratory network. As the next step, the automated scanner finds out open ports and active services, which run on these devices, and tries to attack HTTP, SSH, and Telnet services. Next, the program checks, whether the found device is a smart-meter device and if it is compatible with DLMS/COSEM protocol. If yes, it checks, if the service is vulnerable to DOS attack and breaker disconnection. Scanner’s findings are presented in a newly created web application. NMAP, Masscan, and Metasploit open-source programs are used in the automated scanner. The whole automated scanner is optimized for the HW device Raspberry Pi with the operating system Raspbian Buster Lite installed. This work also describes the testing of the scanner on the laboratory environment and the results are evaluated afterwards.
|
|
|
Automated cyber security tester for smart devices in industry
Dávidík, Roland ; Mlýnek, Petr (oponent) ; Lieskovan, Tomáš (vedoucí práce)
This diploma thesis explains the principle of SCADA systems and describes the DLMS/COSEM protocol. In the next part, it shortly describes the Modbus protocol and details the pros and cons of the Modbus protocol in comparison with the DLMS/COSEM protocol. In the next part, an open-source automated scanner was created. This scanner detects devices in a laboratory network. As the next step, the automated scanner finds out open ports and active services, which run on these devices, and tries to attack HTTP, SSH, and Telnet services. Next, the program checks, whether the found device is a smart-meter device and if it is compatible with DLMS/COSEM protocol. If yes, it checks, if the service is vulnerable to DOS attack and breaker disconnection. Scanner’s findings are presented in a newly created web application. NMAP, Masscan, and Metasploit open-source programs are used in the automated scanner. The whole automated scanner is optimized for the HW device Raspberry Pi with the operating system Raspbian Buster Lite installed. This work also describes the testing of the scanner on the laboratory environment and the results are evaluated afterwards.
|
host ::
RSS.