Denial of Service and Man-in-the-Middle Attacks Against IoT Devices in a GPS-Based Monitoring Software for Intelligent Transportation Systems

Abstract

The issue of information security in the IoT era is an essential aspect for all IoT devices that are connected to the Internet. If the technology is vulnerable, it allows hackers to exploit such systems in order to spy, harm, or disrupt their activity. This paper presents some security issues of a GPS-based monitoring solution for the automotive industry. Some penetration tests using DoS and MITM attacks were launched in an infrastructure with GPS-based data transmission devices and receiving servers. Preliminary countermeasures were suggested, as the Teltonika protocol involved in the initial system did not use encryption.