My project works by running an Apache web server on a Raspberry Pi 3 connected to my home router. The domain name pizilla.co.uk was assigned to my home IP address and also has a Dynamic DNS system in place to re-assign the IP address when it changes.
The peripherals are controlled via the GPIO (General Purpose Input Output) pins attached to the Raspberry Pi. Scripts written in Python are executed from a PHP webpage hosted on the Pi after the user has validated their credentials.
Electronic circuit boards have been created which control the peripherals. I used relays to isolate the plug and solenoid lock from the Pi. The plug is rated up to 20Amp 240AC which is perfectly capable of controlling many home appliances such as a kettle, iron, TV etc.
Due to the personal nature of home automation systems, I have taken extra care to implement multiple security features to create a secure final year project. These features can be read about in the security section.
I ran an SSH honeypot for a month, collecting details on hack attempts against my Pi. I have performed data analysis on these attacks using Splunk Enterprise and have used the D3.js framework to render data visualisations which show connection attempts from across the globe.
As I was running the Raspbian Jessie Lite operating system, the entire project was completed via the command line, as Jessie Lite does not offer a GUI. Code was written in Notepad++ on my PC and transferred over via SFTP to be run.
- Splunk Enterprise
- LetsEncrypt SSL Certificate
- Raspberry Pi 3 & Raspbian Jessie Lite OS
- Electronics such as Solenoid Locks, AC Mains Plugs, Relays, MOSFETS, Resistors, LEDs
- All passwords are hashed with the strong hashing algorithm bcrypt, using dynamically generated salts to protect against rainbow table attacks.
- Login attempts are only allowed to be passed through to the server after authorisation with Google’s reCAPTCHA program. This helps prevent/drastically reduce any brute force attempts.
- All forms have been sanitised and validated to prevent SQL injection attacks.
- Default ports have been changed and Linux permissions and groups have been carefully selected to provide proper authentication.
- All pages are processed over encrypted port 443 otherwise known as HTTPS. All unencrypted HTTP requests will be forwarded onto HTTPS.
- Directory listings have been disabled, and I have removed the server signature so that it does not reveal which version of Apache is running, which could help attackers look for known exploits for that version.
- After logging in a welcome message will state the last login time and IP address for that account.
- HTTP POST methods are used as opposed to HTTP GET which is unsafe.
- Strong firewall rules have been implemented to ban any IP for an indefinite amount of time after x failed attempts at SSH login.
- SSH login attempts on default port 22 are widespread. I ran a honeypot for one month collecting data on this matter. I have displayed this data in several different visualisations which you can view.
- Educational purposes, in primary schools, secondary schools and at university level: this will help close the programming gap for the UK's youth by introducing them to exciting computing lessons with practical examples.
- Disabled purposes: some people are unfortunately less able to move around their own homes, and using my product will greatly improve their quality of life. For instance, turning lights on/off whilst in bed, or seeing who is at the door before going to check.
- Enthusiasts – as it is open-source this will allow people to ‘tinker’ with their device and add or remove as many features as they want. It is completely customisable to their needs.
- People in Houses of Multiple Occupancy – this will be an easy way to keep track of bills, by viewing logs of who used what appliance at what time. Landlords can easily manage their homes when contracts change over by changing passwords to their homes, which is much cheaper than changing locks!
- Families – anybody who has a pet at home whilst they are at work, wants to check on their children whilst they are at the shops, or wants to water the plants when they are away on holiday.
- The Maker Community – this community is huge and my project will directly appeal to them
After being online for a few days, I noticed my system authentication log file was huge - I noticed a brute force attack was taking place on SSH port 22 before I had changed it.
I installed Kippo, an SSH honeypot written in Python, on a second Raspberry Pi server to analyse the true extent of these attacks.
The data I collected was fascinating and over a 1 month period I logged:
- 68,373 attempted username/password combinations
- 1,033 unique originating IP addresses
- From 63 different countries!
I used Splunk Enterprise to analyse and sort this data and then used the D3.js framework to produce different data visualisations.
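Headline counts like the ones above can also be derived directly from the honeypot's text log. The following is an added example, not the author's code or Splunk searches: it assumes Kippo's default `login attempt [user/pass]` log line layout, and the sample lines and IP addresses are constructed.

```python
import re
from collections import Counter

# Assumed layout of a Kippo text-log credential guess:
#   <date> <time> [SSHService ssh-userauth on HoneyPotTransport,<session>,<ip>]
#   login attempt [<user>/<pass>] <failed|succeeded>     (all on one line)
LOGIN_RE = re.compile(
    r"^\S+ \S+ \[SSHService ssh-userauth on HoneyPotTransport,\d+,"
    r"(?P<ip>[0-9A-Fa-f.:]+)\] "
    r"login attempt \[(?P<creds>.*)\] (?P<result>failed|succeeded)$"
)

# Constructed sample lines; addresses are from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2016-03-01 02:14:07+0000 [SSHService ssh-userauth on HoneyPotTransport,0,203.0.113.7] login attempt [root/123456] failed
2016-03-01 02:14:09+0000 [SSHService ssh-userauth on HoneyPotTransport,0,203.0.113.7] login attempt [root/admin] failed
2016-03-01 02:15:30+0000 [SSHService ssh-userauth on HoneyPotTransport,1,198.51.100.23] login attempt [pi/raspberry] failed
2016-03-01 02:15:31+0000 [HoneyPotTransport,1,198.51.100.23] connection lost
2016-03-01 03:40:12+0000 [SSHService ssh-userauth on HoneyPotTransport,2,192.0.2.99] login attempt [admin/p@ss/w]rd] failed
2016-03-01 03:40:15+0000 [SSHService ssh-userauth on HoneyPotTransport,2,192.0.2.99] login attempt [root/123456] succeeded
""".splitlines()


def parse_attempts(lines):
    """Yield (ip, username, password, succeeded) for each credential guess."""
    for line in lines:
        m = LOGIN_RE.match(line.strip())
        if not m:
            continue  # connection/session noise, not a credential guess
        # Passwords may contain '/' or ']', so split only on the first '/'.
        user, _, password = m.group("creds").partition("/")
        yield m.group("ip"), user, password, m.group("result") == "succeeded"


def summarise(lines, top=3):
    """Aggregate attempts into the counts reported for the honeypot run."""
    attempts = list(parse_attempts(lines))
    creds = Counter((user, pw) for _, user, pw, _ in attempts)
    sources = Counter(ip for ip, _, _, _ in attempts)
    return {
        "attempts": len(attempts),
        "unique_ips": len(sources),
        "unique_credentials": len(creds),
        "top_credentials": creds.most_common(top),
        "top_sources": sources.most_common(top),
    }


if __name__ == "__main__":
    for key, value in summarise(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

The per-source counts are the same data a ban threshold on failed SSH logins would act on.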
One visualisation I am particularly proud of is the total number of unique longitude/latitude coordinates that were resolved from an attacking IP address. I displayed these as arcs aimed towards the UK to represent the attack.
All my interactive visualisations can be found on my website at pizilla.co.uk/maps