A comprehensive security testbed for IoT networks built on the GNS3 virtualization platform. This project provides a controlled environment for researching IoT vulnerabilities, testing security mechanisms, and understanding digital twin concepts in cybersecurity education.
This testbed simulates real-world IoT environments with digital twin capabilities, allowing security researchers and students to:
- Study IoT Vulnerabilities: Test common IoT device security flaws in a safe environment
- Analyze Network Traffic: Monitor MQTT and other IoT protocol communications
- Security Assessment: Perform penetration testing on virtualized IoT devices
- AI-Powered Threat Detection: Use TSM-NIDS for intelligent intrusion detection
- Attack Classification: Identify specific types of IoT attacks using machine learning
- Digital Twin Analysis: Analyze real-world IoT data for security insights
- Educational Research: Learn about IoT security without risk to production systems
The testbed consists of several key components:
├── AttackThreat/                      # Security testing framework
│   ├── brute-force_cycle/             # Brute force attack modules
│   ├── ddos_cycle/                    # DDoS attack simulation
│   ├── cameradarexploit.sh            # Cameradar RTSP attack wrapper
│   ├── credentials.txt                # Common IoT default credentials
│   ├── exploit.py                     # Automated vulnerability scanning
│   ├── exploit_interactive.py         # Interactive security testing
│   ├── exploit_interactive_backup.py  # Interactive security testing backup
│   └── requirements.txt               # Python dependencies
├── Collected Data/                    # Dataset storage and management
├── GenAI/                             # Generative AI for generating realistic IoT traffic
│   ├── Model/                         # Model to generate traffic
│   └── data_preparation/              # Preparation of dataset before training
├── IoTDevice/                         # IoT Device Scenarios
│   ├── MQTTCaptureData/               # MQTT data capture modules
│   ├── MQTTScenarios/                 # MQTT broker and data management
│   └── RTSPCaptureData/               # RTSP stream capture modules
├── TSM-NIDS/                          # TSM-NIDS: AI-powered intrusion detection
│   ├── AttackClassification/          # Multi-class attack type classification
│   ├── AttackIdentification/          # Binary attack detection
│   └── IoTDigitalTwin/                # Real-world IoT data analysis
├── TwinningAgent/                     # Twinning agent for digital-physical sync
│   ├── config/                        # Configuration sync code
│   ├── dashboard/                     # Digital & physical dashboard code
│   ├── data/                          # Dataflow management modules
│   ├── status/                        # Status synchronization modules
│   └── Documentation.docx             # Digital twin documentation
└── README.md                          # This documentation
Operating System: Ubuntu 22.04.4 LTS (recommended)
Required Dependencies:
- KVM virtualization support
- GNS3 network simulator
- Python 3.8+ with python3-venv
- Docker
- Standard Linux utilities (make, wget, konsole)
- Jupyter Notebook (for TSM-NIDS analysis)
- TensorFlow/PyTorch (for machine learning models)
- Clone the repository:

    git clone https://github.com/Siong23/iot-digital-twin.git
    cd iot-digital-twin

- Install Python dependencies:

    cd AttackThreat
    pip install -r requirements.txt

- Set up TSM-NIDS environment (for AI-powered intrusion detection):

    cd TSMixer
    # Install additional ML dependencies as needed for specific modules
    pip install tensorflow jupyter pandas numpy scikit-learn

- Set up GNS3 environment with the required appliances (see Dependencies)

- Start the MQTT broker:

    cd IoTDevice/MQTTScenarios
    python3 mqttbroker.py

- Run security assessments:

    cd AttackThreat
    python3 exploit.py              # Automated scanning
    # or
    python3 exploit_interactive.py  # Interactive mode

- Use TSM-NIDS for intrusion detection:

    cd TSMixer/AttackClassification
    jupyter notebook tsmixermulti-tonprocess_base_s.ipynb
    # or explore other TSM-NIDS modules
- Cisco 7200 Router - Network routing simulation
- Kali Linux - Security testing platform
- Fixed Open vSwitch - Virtual switching
- Ubuntu Server - IoT device simulation
- Ubuntu Guest Additions - Enhanced VM functionality
- TightVNC - Remote access capabilities
- Virtualization: KVM support enabled
- RAM: Minimum 8GB (16GB recommended for ML workloads)
- Storage: 50GB+ available space (additional space for datasets)
- Network: Internet connection for appliance downloads
- GPU: Optional but recommended for TSM-NIDS training (CUDA-compatible)
Configure secure MQTT communication using client certificates. Follow the detailed MQTT setup guide.
Design your GNS3 topology to include:
- IoT devices (simulated using lightweight VMs)
- Network infrastructure (routers, switches)
- Security monitoring tools (Kali Linux)
- MQTT broker services
The TSMixer-based Network Intrusion Detection System provides:
- Attack Classification: Multi-class classification of IoT attack types
- Attack Identification: Binary detection of malicious network traffic
- Digital Twin Analysis: Real-world IoT data processing and analysis
Configure TSM-NIDS by:
- Selecting appropriate preprocessing methods (MinMaxScaler, RobustScaler, StandardScaler)
- Choosing feature selection techniques (correlation analysis, mutual information)
- Applying data augmentation methods (SMOTE) if needed
- Configuring model parameters in the respective Jupyter notebooks
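Why the scaler choice in the first step matters for flood-style traffic, shown as an added example (not code from the project's notebooks). It re-implements the formulas behind scikit-learn's MinMaxScaler, StandardScaler and RobustScaler with the Python standard library and applies them to one bytes-per-flow feature; the sample values and all function names are assumptions constructed for illustration.

```python
from statistics import mean, median, pstdev, quantiles

# Constructed sample (not testbed data): bytes per flow for eleven benign
# MQTT publishes followed by one flood-sized flow.
BENIGN = [118, 120, 122, 125, 127, 130, 131, 134, 136, 140, 142]
FLOOD = 250_000
FLOWS = BENIGN + [FLOOD]


def minmax_scale(xs):
    """(x - min) / (max - min): one extreme value sets the whole range."""
    lo, hi = min(xs), max(xs)
    return [(x - lo) / (hi - lo) for x in xs]


def standard_scale(xs):
    """(x - mean) / population std: both statistics are pulled by outliers."""
    mu, sigma = mean(xs), pstdev(xs)
    return [(x - mu) / sigma for x in xs]


def robust_scale(xs):
    """(x - median) / IQR: quartiles barely move when one flow is extreme."""
    q1, _, q3 = quantiles(xs, n=4, method="inclusive")
    med = median(xs)
    return [(x - med) / (q3 - q1) for x in xs]


def benign_spread(scaled):
    """Width of the interval the benign flows occupy after scaling."""
    benign = scaled[:len(BENIGN)]
    return max(benign) - min(benign)


def compare():
    """Benign spread per scaler; a tiny spread means benign detail is lost."""
    scalers = {"MinMaxScaler": minmax_scale,
               "StandardScaler": standard_scale,
               "RobustScaler": robust_scale}
    return {name: benign_spread(fn(FLOWS)) for name, fn in scalers.items()}


if __name__ == "__main__":
    for name, spread in compare().items():
        print(f"{name:15s} benign spread = {spread:.6f}")
```

The flood flow stays far from the benign cluster under all three scalers; what differs is how much of the variation among benign flows survives for the model to learn from.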
- TON-IoT Dataset: Comprehensive IoT network traffic dataset for training and evaluation
- Real-world IoT Data: Captured data from actual IoT devices in controlled environments
- Custom Dataset Collection: Tools for capturing and analyzing your own IoT network data
- Intrusion Detection Systems: Evaluate TSMixer effectiveness for IoT security
- Attack Pattern Analysis: Study temporal patterns in IoT attack sequences
- Feature Engineering: Explore optimal feature sets for IoT security classification
- Model Comparison: Compare different scaling and preprocessing approaches
- Threat Intelligence: Generate insights from real-world IoT attack data
- Cybersecurity Courses: Hands-on IoT security training
- Research Projects: IoT vulnerability analysis and threat modeling
- Security Workshops: Practical penetration testing and defense
- Digital Twin Concepts: Understanding IoT system modeling and simulation
- AI Security: Machine learning applications in cybersecurity
- Network Intrusion Detection: Time series analysis for threat detection
- Data Science: Feature engineering and model evaluation for security datasets
For detailed setup instructions and advanced usage, refer to:
- AttackThreat Framework Documentation
- TSM-NIDS Documentation
- MQTT Security Configuration Guide
- Project Documentation (Word) (Work in Progress - View Only)
- MQTT broker management and secure communication
- IoT device simulation and data collection
- RTSP stream capture for video IoT devices
- Telemetry control and monitoring
- Automated vulnerability scanning
- Interactive penetration testing
- Brute force attack simulation
- DDoS attack coordination
- Credential testing against IoT devices
- Time series neural network intrusion detection
- Multi-class attack classification (DoS, DDoS, backdoor, injection, etc.)
- Binary attack identification
- Feature importance analysis and visualization
- Support for multiple preprocessing techniques
- Real-world IoT dataset analysis
Contributions are welcome! Please read our contributing guidelines and submit pull requests for improvements.
This project is intended for educational and research purposes. Please ensure compliance with your institution's policies and applicable laws when using this testbed.
For questions or collaboration opportunities, please open an issue or contact the repository maintainer.
Repository: https://github.com/Siong23/iot-digital-twin