隨著網路的普及,以及連網設備增加,資安事件頻傳,駭客手法也愈發多樣化,經常造成組織巨大損失,其中尤以物聯網(IoT)設備最容易被駭入, 其主因為IoT設備為了成本考量使用舊規產品進行設計組成,而這些裝置所使用的安全驗證大多很簡易,可能存在漏洞,進而使設備可能遭受非法應用(如殭屍網路)或是被當作跳板入侵內部網路等情形發生。因IoT裝置資安單憑設備本身之加密機制有所不足,因此本研究使用Raspberry Pi(樹莓派)、Snort(入侵偵測系統)、Pulledpork、BASE(基本安全分析引擎)四者,製作出一輕量型居家網路監控裝置;以Raspberry Pi實作系統,由Pulledpork進行Snort規則集更新與下載,再經由Snort偵測入侵特徵並記錄,再於BASE介面顯示以警告管理者異常狀態,以協助使用者維護居家網路安全。
The internet is more and more usually and the increase in networked equipment, the frequent spread of security incidents and the increasingly diversified hacking methods often cause huge losses to the organization, especially the IoT devices are the easiest to be hacked. Because IoT devices are designed and composed of old products for cost considerations, and the security verification used by these devices is mostly simple, and there may be vulnerabilities, which may make the device subject to illegal applications (such as botnets) or be used as a Stepping-stone attack to invade Internal network and other situations occur. Because the security mechanism of the IoT device depends on the lack of the encryption mechanism of the device itself, this study used Raspberry Pi (raspberry pi), Snort (intrusion detection system), Pulledpork, and BASE (basic security analysis engine) to produce A lightweight home network monitoring device; using Raspberry Pi to implement the system, Pulledpork performs Snort rule set update and download, and then detects and records the intrusion characteristics through Snort, and then displays on the BASE interface to warn the administrator of abnormal status, Help users maintain home network security.
