NUR AFINI NATRAH BINTI MOHD ASHRIL Universiti Poly-Tech Malaysia (UPTM)
Abstract for Project
The soaring popularity of Internet of Things (IoT) device integration among small and medium-sized
enterprises (SMEs) has presented difficulties to the field of cybersecurity: small and medium-sized
businesses are particularly uninformed about the dangers of their current and upcoming Internet of Things
(IoT) device use, and effective methods of protecting any network are inadequate, easy-to-use, and
economical enough to form part of a SME-specific network. To solve these problems, this project intends
to create a Desktop based IoT Device Security Evaluation Toolkit that will be dedicated to compliance with
SME networks. The toolkit allows (or rather requires) automated discovery and classification of devices,
and their vulnerabilities: ARP scanning, MAC address vendor lookup, and service fingerprinting. In order to make the toolkit match the real-life requirements of SMEs, the project started by
analysing the typical security-related vulnerabilities of IoT with the help of a literature review and the
opinions of the intended end-users. An iterative approach was thus used to develop the toolkit and then it
was tested in a real-life environment at 1Lynx Solution Sdn Bhd. The assessment was geared toward
technical efficiency, such as accuracy of detection, and practicality of use by non-technical personnel. The
results show that the toolkit will offer proper device identification, identify weak configurations, and it will
produce readable security reports, which makes it an effective tool that SMEs can use to improve the
visibility and security position of their IoT networks. The said project comes to give an ultralight, friendly-use utility that can fill the void between high-end
corporate security tools and the reality of resource-limited SME infrastructures.