SECURITY ANALYSIS OF AN IOT COMMUNICATION SYSTEM WITH A VIRTUAL MACHINE IN AWS (#1789)

Authors

Villagra Bautista, Stephanee Carolina

Carrasco Bardales, Alberto Max

Mejía Saavedra, Juan Miguel

Dubón Portillo, Juan Carlos

Abstract

This research explored the issue of security when communicating with IoT devices using the MQTT protocol in conjunction with cloud computing. IoT devices pose a greater risk than electronic devices because they do not have software updates, so if a vulnerability is found, the device will remain that way, in addition to allowing access to your network and local data. Despite the risks that IoT devices can pose, the growth in their use shows the importance of streamlining processes and activities through their widespread use in projects in different areas, such as home automation and industry. The use of communication protocols such as MQTT is used when talking about IoT, since with its addition a secure channel is used for the passage of information from the IoT device to a broker that allows the flow of data to the receiver. Cybersecurity protects us from attacks from the Internet by protecting the systems we use, therefore performing penetration tests with specific penetration tools help to perform an analysis that revealed the weaknesses of the IoT communication system and then proceed to reduce vulnerabilities with services in AWS, configurations in the intermediary broker MQTT and rules to protect passwords.