IoT-Vigilant/iotvigilant-cybercamp-2018

Iotvigilant-Cybercamp-2018

IoTVigilant is an Open Source development created to detect :shipit: weird network behaviors of IoT devices --or of any device with low network interaction--.

Basic Overview

Nowadays, more and more IoT devices are being used and, as these devices aren't created with security in mind, they represent a huge security risk in the cyber world. For example, in 2016 Mirai 👿 was an IoT botnet whose size varied from 800,000 to 2.5 million infected devices and which was used to perform DDoS attacks against some Internet services.

In spite of the size of this botnet, it isn't the biggest IoT botnet that has been used to perform attacks around the Internet 😥. This is why we think that this project is needed: to discover when an IoT device is behaving in a weird way and stop it 😇.

Protect from the network

As the user of an IoT device rarely has access to the source code of the device and won't be able to install any security measure inside it 🙈, the best way to discover that the gadget has been infected 👽 and is performing unexpected actions is to monitor the network it is connected to.

IoTVigilant

This project is composed of 2 parts:

  • The Sniffer: This piece of software takes metadata from the packets of the IoT devices and sends it to the server. You can find more information about this in the Sniffer folder.
  • The Server: Here is where the magic ✨ is performed. All the metadata extracted by the sniffer is correlated using a Machine Learning algorithm and the findings are presented in a beautiful web client. You can find more information about how the server works in the Local Server folder.

If you are a Docker fan, then you can find an installation guide of the Sniffer and the Server in the Docker folder.
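To illustrate the sniffer/server split described above, the following added example (not code from the IoTVigilant repository, whose Machine Learning algorithm this page does not describe) learns a per-device baseline from windowed packet metadata and flags windows that leave it. The record layout `(ts, device, dst_ip, length)`, the 60-second window, the median/MAD baseline and all function names are assumptions made for the example.

```python
from collections import defaultdict
from statistics import median

def windows(packets, size=60):
    """Group (ts, device, dst_ip, length) records into per-device windows of `size` seconds."""
    agg = defaultdict(lambda: {"pkts": 0, "bytes": 0, "dsts": set()})
    for ts, dev, dst, length in packets:
        w = agg[(dev, int(ts // size))]
        w["pkts"] += 1
        w["bytes"] += length
        w["dsts"].add(dst)
    return agg

def features(w):
    return {"pkts": w["pkts"], "bytes": w["bytes"], "n_dsts": len(w["dsts"])}

def med_mad(vals):
    med = median(vals)
    return med, median(abs(v - med) for v in vals)

def fit(packets):
    """Per-device baseline: (median, MAD) of each feature plus the destinations seen."""
    rows, known = defaultdict(list), defaultdict(set)
    for (dev, _), w in windows(packets).items():
        rows[dev].append(features(w))
        known[dev] |= w["dsts"]
    return {dev: {"dsts": known[dev],
                  "stats": {n: med_mad([f[n] for f in feats]) for n in feats[0]}}
            for dev, feats in rows.items()}

def score(model, packets, k=5.0):
    """Return [(device, window, reasons)] for windows that leave the baseline."""
    alerts = []
    for (dev, win), w in sorted(windows(packets).items()):
        base = model.get(dev, {"stats": {}, "dsts": set()})  # unknown device: empty baseline
        feats, reasons = features(w), []
        for name, (med, mad) in base["stats"].items():
            if feats[name] > med + k * max(mad, 0.1 * med, 1):  # floored spread
                reasons.append(f"{name}={feats[name]} (baseline {med})")
        new = w["dsts"] - base["dsts"]
        reasons += [f"new destinations: {len(new)}"] if new else []
        if reasons:
            alerts.append((dev, win, reasons))
    return alerts

# Constructed sample traffic (documentation addresses), not captured data.
TRAIN = [(t, "dev-1", "203.0.113.10", 120) for t in range(0, 600, 20)]
LIVE = TRAIN[:3] + [(60 + i, "dev-1", f"198.51.100.{i + 1}", 60) for i in range(40)]
```

`score(fit(TRAIN), LIVE)` reports only the second window, where the device suddenly contacts 40 destinations it never used while the baseline was learned; a device with low network interaction makes such a deviation easy to separate from its normal traffic.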

Requirements

Sniffer

  • Python 3
  • requirements.txt

Server

  • Grafana v5.0+
  • Elasticsearch 5.6+
  • Python 3
  • requirements.txt
  • Gunicorn

Quick Start

Sniffer

Clone the repository

cd /opt
git clone https://github.com/IoT-Vigilant/iotvigilant-cybercamp-2018.git

Run the sniffer in background

cd iotvigilant-cybercamp-2018/sniffer
python3 sniffer.py --ip <*server_ip*> --port <*server_port*> --time <*time_for_the_buffer*> &

Server

Clone the repository

cd /opt
git clone https://github.com/IoT-Vigilant/iotvigilant-cybercamp-2018.git

Create the self-signed certificate to use HTTPS

openssl req -x509 -newkey rsa:4096 -nodes -out cert.pem -keyout key.pem -days 365

Run the server using Gunicorn

cd iotvigilant-cybercamp-2018/local_server/
gunicorn --certfile <*path_to_cert.pem*> --keyfile <*path_to_key.pem*>  -b 0.0.0.0:4001 server:app
