• Skip to main content
  • Skip to after header navigation
  • Skip to site footer
ERN: Emerging Researchers National Conference in STEM

ERN: Emerging Researchers National Conference in STEM

  • About
    • About AAAS
    • About the NSF
    • About the Conference
    • Partners/Supporters
    • Project Team
  • Conference
  • Abstracts
    • Undergraduate Abstract Locator
    • Graduate Abstract Locator
    • Abstract Submission Process
    • Presentation Schedules
    • Abstract Submission Guidelines
    • Presentation Guidelines
  • Travel Awards
  • Resources
    • Award Winners
    • Code of Conduct-AAAS Meetings
    • Code of Conduct-ERN Conference
    • Conference Agenda
    • Conference Materials
    • Conference Program Books
    • ERN Photo Galleries
    • Events | Opportunities
    • Exhibitor Info
    • HBCU-UP/CREST PI/PD Meeting
    • In the News
    • NSF Harassment Policy
    • Plenary Session Videos
    • Professional Development
    • Science Careers Handbook
    • Additional Resources
    • Archives
  • Engage
    • Webinars
    • ERN 10-Year Anniversary Videos
    • Plenary Session Videos
  • Contact Us
  • Login

Exploring the Vulnerabilities and Prevention of Raspberry Pi System

Graduate #53
Discipline: Computer Sciences and Information Management
Subcategory: Computer Science & Information Systems

Jasmine Carson - North Carolina A&T State University
Co-Author(s): Oliver Nichols, Chris Bonham, Paul Bond, Wayne Simpson, and Michael Crow, University of Tennessee at Chattanooga, TN



With the growing popularity of the light weight yet efficient Raspberry Pi, users may lack the knowledge to properly secure a Raspberry Pi, leaving it and potentially the network it is attached to vulnerable to attacks. The purpose of this project is to explore system vulnerabilities as related to the Raspberry Pi, and implementations that are designed to withstand such vulnerabilities and/or decrease the potential for an exploit to result from such a vulnerability. The Raspberry Pi can be used in many fashions: (a) home automation, (b) an independent system designed to perform a limited number of tasks, or (c) as a device connected to a typical LAN supplying network services (i.e. DNS, Web server, email server, etc.). The following vulnerabilities and prevention methods in relation to Raspberry Pi are being explored: (1) Password cracking: This attack targets one of the main access points on the Raspberry Pi, Secure Shell (SSH). The software used to conduct the brute force attack is called THC-Hydra. The software used to mitigate the brute force attack is called fail2ban. Fail2ban is a very simple to setup program that can be set to watch log files and respond to suspicious activity by blocking the offender for a certain period of time. It is especially good at responding to brute force attacks where similar instances are continuously logged. With fail2ban installed the dictionary attack from THC-Hydra cannot succeed anymore. (2) Man in the Middle Attack: This attack will exploit ARP cache poisoning to intercept packets between two hosts. The attacker (a PC) will be the Man in the Middle between a Raspberry Pi and another PC. The data packets being sent between the targeted/communicating nodes/victims were intercepted by the attacking PC, and forwarded on to the intended receiver. A prevention method is to use a fixed set of IP-MAC address associations, i.e., a fixed ARP table. For a home with a few, finite number of MAC addresses accessing the network, the idea of a fixed ARP table is a reasonable approach to prevent ARP Cache Poisoning Attack. (3) Cross Site Scripting (XSS) Attack on openzwaveme: The attack targets the login screen for openzwaveme’s website and checks how well they filtered user inputs. The attack also targets the applications installed on the Raspberry Pi. WebScarab or Burp Suite, which can serve as a proxy between the webpage and client will be used to conduct XSS attacks. (4)Sniffing: Sniffing is a form of passive attack to learn about the communication between two computers. The software Wireshark will be used to sniff packets. The attacking machine using Wireshark should be on the same local network as the Raspberry Pi. First, an analysis of security is done on remote access and also the LAN on which the raspberry pi is connected. Using Wireshark, an attacker will sniff the packets on the network that the Raspberry Pi is receiving.

Funder Acknowledgement(s): NSF HBCU-UP project (HRD-1332504)

Faculty Advisor: Xiaohong Yuan, jacarson50@gmail.com

Role: The part of the research that I did was successfully implement each attack, and writing it up as a lab for undergraduate students in order to assess its effectiveness.

Sidebar

Abstract Locators

  • Undergraduate Abstract Locator
  • Graduate Abstract Locator

This material is based upon work supported by the National Science Foundation (NSF) under Grant No. DUE-1930047. Any opinions, findings, interpretations, conclusions or recommendations expressed in this material are those of its authors and do not represent the views of the AAAS Board of Directors, the Council of AAAS, AAAS’ membership or the National Science Foundation.

AAAS

1200 New York Ave, NW
Washington,DC 20005
202-326-6400
Contact Us
About Us

  • LinkedIn
  • Facebook
  • Instagram
  • Twitter
  • YouTube

The World’s Largest General Scientific Society

Useful Links

  • Membership
  • Careers at AAAS
  • Privacy Policy
  • Terms of Use

Focus Areas

  • Science Education
  • Science Diplomacy
  • Public Engagement
  • Careers in STEM

Focus Areas

  • Shaping Science Policy
  • Advocacy for Evidence
  • R&D Budget Analysis
  • Human Rights, Ethics & Law

© 2023 American Association for the Advancement of Science