Abstract
Penetration testing is a security assessment process that provides solutions for vulnerabilities in the cyber environment. The findings of a penetration test are produced by following common ethical hacking methodologies. Cyberspace faces more problems as its usage increases in this electronic world. The potential for problems with the latest electronic resources requires an effective security structure to protect the environment and mitigate risk from various sources. Connections between the resources attached to the cyber environment provide interactive access, which helps drive development in the technological era. Problems within these connections raise severe security concerns. Users and devices communicate using various technical languages and activities. A successful ethical hacking assessment contains a detailed methodology and assesses the resources of the IT infrastructure, including web applications, physical device platforms, operating systems, and communications.
The thesis introduces the background structure of the penetration test and explains the concepts of the Internet of Things and the methodologies proposed to perform penetration testing with selected resources. The primary goal of penetration testing is one that can be achieved at the end of a successful assessment. The research is motivated by the need to identify the critical impact of security threats on IoT devices for future trends and to further evaluate penetration testing methodology. Security in the Internet of Things has identified weaknesses, while the rapid growth of the technologies brings serious challenges. The security of these systems requires dedicated methods to improve security between devices, resulting in improvement of various technical constraints.
The main aim of the research is to identify a suitable methodology for performing penetration testing on IoT devices, to explain the methods behind the techniques and tools used during the assessment, and to show how novel IoT technologies can be secured against malicious attacks and unexpected vulnerabilities amid the rapid growth of this smart technology. The success of this thesis rests on the research context and on the testing carried out on the selected devices from a penetration testing perspective.
Chapter 1
Introduction
Penetration testing should go beyond the level of a vulnerability assessment. A network environment test should consider the resources in scope, finding the vulnerabilities of each connected device and the potential for attacks, as well as maintenance. Maintenance is an essential part of cyberspace protection. Regular updates to maintain information security resources play a critical role against potential cyber attacks from various sources. Vulnerability definitions should be checked and updated by cyber security experts in many forms, such as virus definitions. Permission to test the cyber environment is what differentiates the penetration tester from the malicious attacker. An ethical hacker or penetration tester requires confidential authorization to perform a successful security assessment on any environment where cyber devices are attached.
How do ethical hackers perform a security assessment of the cyber environment? The answer comes from security analysis, which clarifies the procedures that are effective in a given situation. Threat modeling examines all malicious activity from the organizational context. Penetration testing involves creating an interconnected environment in which to test potential vulnerabilities, perform exploitation, and generate solutions for the security issues. This thesis considers performing a successful security assessment on the Internet of Things by performing attacks and exploitation, which helps the security system of any organization. Demonstration in the cyberspace environment challenges the usage of networks and devices, and the primary motivation for this project is to provide solutions for the significant issues affecting resources accessed in the network environment. Dealing with physical devices and their vulnerabilities defines a roadmap view of the network, the wide area network, and the core devices needed to perform successful penetration testing on the environment.
The vast increase in cyber world interaction has made users more dependent on cyber technologies in their daily activities. Sophisticated implementation of technology requires strong defence against the various vulnerabilities in its security concepts. Security breaches may have a critical impact on multiple resources. Penetration testing ensures the consistency of security management in information technology. The leading role of the pen-tester is to discover the threats associated with the security model and to identify vulnerabilities by performing the scheduled analysis that the security infrastructure requires.
The use of the Internet of Things is increasing rapidly, and the majority of people interact with these devices because they make it more comfortable to perform certain internet-connected tasks. Interconnection in this IoT infrastructure becomes more complex and creates more security threats. The manufacturers of these technology-integrated devices consider the market rather than the security protocols.
1.1 Motivation
The lack of security controls is a significant issue in Internet of Things development. Improvements in this area will help the successful introduction of sophisticated technology in the new era, benefiting both product manufacturers and consumers in the internet market. The main aim of this thesis is to perform penetration testing on selected devices to identify problems in their security. Users do not need to have broad technical skills to improve the protection of these devices, even if they have control over the smart devices. Devices require constant monitoring to find new problems and must be upgraded on a continuous basis. Penetration testers also need to recognize and properly assess security to avoid gaps caused by severe vulnerabilities. For example, a common weakness of IoT devices is their associated cloud accounts.
A security mechanism is a typical security implementation deployed to ensure the security of smart technologies and to assist in identifying vulnerabilities across system surfaces and avoiding breaches of IoT devices. Two questions motivate this thesis:
– Are the security mechanisms sufficient to defend against cyber attackers?
– Do security mechanisms need to be re-tested on IoT devices?
The research examines the current state of IoT penetration testing and each area of the possible attack surface. There are security considerations beyond the basics of firmware, web application, mobile application and hardware, as well as radio communication. The outcome of the research will be an assessment of how to identify vulnerabilities and ensure privacy in IoT devices, based on real-life products. Penetration testing on smart devices will help handle the various security risks of this new technology with confidential maintenance, demonstrate how such a security assessment on a prototype manages security risk, and give a better understanding of the outcome of this project.
1.2 Aims for the thesis
The ultimate goal of this research is to explore the security of specific IoT devices. The focus is on typical and essential devices, namely surveillance IP cameras and EPOS systems, and their connection to the internet. The work identifies the vulnerabilities associated with these devices, experiments with exploiting them, and finds out how an attacker can interact with them maliciously. It also looks deeper into the system, where it can be affected by malicious command injection. The system can also be compromised through other factors, such as the firmware of the products. Thousands of IP cameras all over the world have been found with vulnerabilities, and Point of Sale systems are widely used everywhere, which leads malicious attackers to gather financial information through inappropriate access. Cybercrime investigation reports show that most compromised Point of Sale systems are integrated with card readers, which handle most business operations, and that personal banking information is stolen through these kinds of activities. (3)
IP cameras have good capabilities for uploading data. The vulnerabilities do not only affect the user of the system. If camera access is compromised, it creates a severe security issue, because the system can be used to perform additional attacks. For example, a burglar can stream video from the compromised system to confirm whether there are people inside the home before gaining physical access to the premises. Performing penetration testing on IP cameras is very interesting from the point of view of future security. The security assessment will demonstrate the usability of ethical hacking methods, exploit these vulnerabilities, and explain the roadmap of the process. These methods are explained in detail, along with unknown vulnerabilities in the product firmware. The aim is to fully identify the weaknesses throughout the testing and demonstrate the significant impact of the security issues. Updating firmware has a profound impact on security and makes the IP cameras more secure. In this thesis, I will consider testing from both the attacker and the user perspective, to confirm the responsibility of the penetration tester.
Point of Sale systems are becoming ever more popular in retail outlets across the UK, from larger well-known names to smaller corner shops. The benefits delivered by Accord EPoS software are extensive, and there are several ways in which it helps to improve security and reduce losses from criminal or fraudulent behavior. (1) The point of sale system should be integrated with Electronic Fund Transfer (EFT), allowing customers to make their payments via their credit or debit cards. The system reads from the till the amount that is due and then instantly debits the money directly from the customer’s account or assigns it to their credit card company once they have confirmed their PIN. In 2014, large retailers, franchises and small businesses alike were affected by new vulnerabilities and malware targeting point-of-sale (POS) devices, systems and vendors. US-CERT has detailed a recent vulnerability affecting POS devices and systems in its Vulnerability Notes Database. (2)
The main focus in exploiting the selected POS system is to experiment with the problems found and to explain the exploitation methods, providing a solution to resolve the security issue, which is important when considering the usage of these upgraded devices.
The main aim of the penetration testing assessment is to perform penetration testing using the approved methodology in order to protect the cyber environment and connected devices such as IoT (Internet of Things) devices.
1.3 Problem Statements
– Define the scope of the test and the methodology.
– Identify the vulnerabilities of the network environment and web application to track the potential for attacks.
– Use specific penetration testing tools.
– Perform exploitation on identified vulnerabilities.
– Create a testing environment with a set of requirements.
1.4 Overview of Chapters.
Chapter 2
Background and Literature
Penetration testing was used to ensure the security of the nation and to identify weaknesses of systems in military departments. Technologies have changed with the attacks observed during the last three decades. (5) Fighting security breaches is the primary goal of penetration testing. As attackers’ technology has grown more sophisticated, security analysts have worked to ensure the security of computer networks. The critical challenge is to keep information safe while sharing data across network systems worldwide. Today, with about 640 terabytes of data tripping around the globe every minute, there is a lot of information to be stolen and so a lot to protect. (4)
Penetration testers are challenged to examine the security of the network by analysing all threats to the environment where the assessment is performed, and the effective risks that, if exploited, lead to ongoing security issues. [6] Software penetration testing methodologies provide the ultimate guide to performing both black box and white box testing. However, applications on the various software platforms are implemented with errors. ()
Penetration testing dates to the early 1970s and James P. Anderson. According to the report provided by the Tiger team, a series of final steps was defined to test systems for their ability to be penetrated and compromised. The first steps of this series are to identify the vulnerabilities and analyse a design for exploitation, then to experiment with the effect of the attack itself in order to neutralise the threat. This method is still in use in the practice of penetration testing. ()
Infiltration analysers misuse the frameworks to the security structure for sensible danger. The lawful entrance test is to investigate framework positions. Infiltration tests are utilised to improve the security aspects of the audit process. [7] Entrance testing is a standout amongst the security aspects and a strategic reason for pen testing. Entrance testing framework has developed the interest to gather information about the programmer and the framework. [8]
A threat model designed at the IT Innovation Centre was used to model systems, identify threats, and apply a specific strategic plan. The NIST 800-115 penetration testing technique is utilised. This automated penetration testing consists of seven different phases: planning, system modelling, threat extraction using the threat model, vulnerability discovery, threat and vulnerability mapping, attack, and reporting. [12]
The test-supported threat modelling approach combined elements of McGraw’s touch point approach. Using this new methodology, a security evaluation of the open source packet sniffer Wireshark was carried out, with the aim of producing plausible abuse cases for this software. It can be useful in producing actionable abuse cases for a potential penetration tester. [10]
Flavio [18] discussed data integrity issues within the cloud environment. A Transparent Cloud Protection System (TCPS) for improved security of the cloud environment is proposed as their solution for cloud services. This system can be used to identify user integration issues and keep virtualisation more secure. The advantage of their work is that it provides a security implementation and a vulnerability detection mechanism.
2.1 Penetration Testing
Penetration testing is an activity that can be performed by a single security auditor. When security auditing is performed by a group of security auditors, the group is called a TIGER TEAM. It is an authorised attack on a computer system to evaluate and ensure the security of the system. A series of processes is performed to identify the weaknesses of the targeted system and gain access to it, enabling a full risk assessment. ( ) There is a difference between penetration testing and conducting a security assessment or vulnerability scan. Penetration testing differs entirely from those activities and stands apart from them in a few ways. Penetration testing reports also assess the potential impacts and suggest countermeasures against those threats. NCSE defined penetration testing as: “A method for gaining assurance in the security of an IT system by attempting to breach some or all of that system’s security, using the same tools and techniques as an adversary might.” ( )
Penetration testing is a crucial step in developing secure systems, and performing the testing soundly does not strain the performance of the systems. The pen-tester should be authorised and take a responsible defensive role against malicious attacks, whether they use known vulnerabilities or not. Vulnerabilities or weaknesses in the system allow malicious activity to be put into action. A pen-test is a systematic approach to testing for security issues against particular policies. Automatic or manual tools can be used to perform testing and map security impacts in appropriate steps. ( )
2.2 Objectives of Penetration Testing
A penetration test is always considered a 360-degree view of the information system from a security perspective. It detects future attacks and their impact to determine the effect of malicious action against the network. The pen testing process involves analysing the system for any potential impact of security threats. It helps to establish the possibility of malicious exploitation of the system and to ensure the security of the system. The requirements of penetration testing are listed below. (obj)
– Identify vulnerabilities in the infrastructure, applications and users in order to develop controls.
– Implement the controls effectively to provide security assurance.
– Test against identified vulnerabilities and perform exploitation.
– Discover new bugs in existing software (patches and updates can fix existing vulnerabilities, but they can also introduce new vulnerabilities).
– Perform due diligence and independent audits.
– Improve the security of the computer system.
2.3 Types of Penetration Testing
The type of penetration test usually depends on how much security the system requires and on what is to be tested, simulating an attack source from anywhere. The different accepted types of penetration testing methods are listed below.
2.3.1 Black-box testing
Black-box penetration testing is an effective security assessment process carried out with limited knowledge of the network environment. The penetration tester has to analyse the complete structure of the network to follow this method. No information about the internal system is provided to the tester. This type of test is always referred to as a “trial and error” approach. For example, the tester will only get the IP address of the network or IoT device, and tools and techniques are used to perform testing on the particular infrastructure with little information. ()
2.3.2 White-box testing
In white-box testing, background information about the system or targeted resources is provided so the tester can evaluate the vulnerabilities and perform successful pen-testing with minimum effort. It is also described as clear-box testing. White-box penetration testing opens a comprehensive gateway for the auditor to conduct a thorough test and maximise test time. These kinds of tests require more sophisticated tools to work in detail, such as threat modelling tools and code analysers.
2.3.3 Gray-box testing
Testers analyse the background information about the resources while having only a little knowledge about the organisation. In other words, they know some areas but not others. [6]
The best and most successful pen-testing comes about when multiple testers participate in a full approach to the system. The teams are categorised as follows.
– Red Team
The Red Team can be considered as those individuals who are the actual pen testers. Their primary goal and objective is to mimic or emulate the mindset of an attacker, trying to break through all of the weaknesses and vulnerabilities which are present. In other words, it is the Red Team which attacks on all fronts possible. ( )
– Blue Team
The Blue Team acts as the internal security team, defending against both attackers and the Red Team. This team is considered a regular team in most organisations. The Blue Team does not have continuous operations against attack, which is defined as their mission and perspective. (blue)
– Purple Team
Purple Teams ideally operate to ensure the effectiveness of both teams, integrating the defensive methods and controls from the Blue Team with the vulnerabilities and impact found by the Red Team into a narrative that maximises the efficiency of both.
2.4 Penetration Testing Lifecycle
The penetration testing lifecycle guides the penetration tester through the procedures for performing exploitation on the cyber system, so that the outcome is a well-documented report that can be used to address further security issues. This process not only guides the tester but is also used to structure a high-level security assessment of cyberspace. Each phase builds on the previous one and provides details in a step-by-step flow. [5]
2.4.1 Reconnaissance
Reconnaissance focuses on collecting information about anything related to the target of the engagement. It involves searching for initial information in internet sources and conducting passive scans of the available links. The penetration tester uses this phase to identify as much information about the target as possible. ()
2.4.2 Scanning
The pen-tester uses the information gathered in the first phase to start scanning the targeted sources. The collected information is taken further into deep scanning using tools. Exploitation will be performed with the detailed information collected in this phase.
2.4.3 Exploitation
The information collected about the targeted system is acted on in this phase. The tester should consider the factors that affect exploitation and the selection of tools to perform it. Exploitation of identified potential vulnerabilities that lead to severe impact on the system should be implemented effectively. All possible results should be carefully considered before performing exploitation.
2.4.4 Maintaining Access
Based on the exploitation results provided by the team, access to the system is maintained. Once exploitation is completed, the tester continues access to the network with future perspectives in mind. Access to the exploited system needs to be persistent in order to gather as much data as possible.
2.4.5 Reporting
The pen-tester should develop detailed reports that explain each method followed during each process: how the hacking processes were implemented, which vulnerabilities were identified and exploited, and details of the compromised systems. The responsible member of the team may be required to provide an account of the whole penetration testing process, including the roadmap.
Essay: Structure of the penetration test / concepts of the Internet of things
- Published: 16 June 2021*
- Last Modified: 27 July 2024
If you use part of this page in your own work, you need to provide a citation, as follows:
Essay Sauce, Structure of the penetration test / concepts of the Internet of things. Available from:<https://www.essaysauce.com/computer-science-essays/structure-of-the-penetration-test-concepts-of-the-internet-of-things-and-the-methodologies-proposed-to-perform-penetration-testing-with-selected-resources/> [Accessed 19-12-24].
* This essay may have been previously published on EssaySauce.com and/or Essay.uk.com at an earlier date than indicated.