Estrategias de seguridad informática para mitigar vulnerabilidades en la red de en un sistema IoT agrícola en la provincia del Sumapaz en Colombia

Alexander Gordillo-Gaitán; Dayana Carolina Suárez-Quintero; María Camila Castillo-Fernández

doi:10.31637/epsir-2025-1374

Authors

Alexander Gordillo-Gaitán University of Cundinamarca https://orcid.org/0000-0002-4757-6950
Dayana Carolina Suárez-Quintero University of Cundinamarca https://orcid.org/0009-0001-8208-7888
María Camila Castillo-Fernández University of Cundinamarca https://orcid.org/0009-0003-3280-4695

DOI:

https://doi.org/10.31637/epsir-2025-1374

Keywords:

IoT Cybersecurity, Information Security Strategies, Gray Box, Ethical Hacking, Internet of Things, IoT in Crops, Industry 4.0, IoT Vulnerabilities

Abstract

Introduction: The Internet of Things has addressed the challenges of agricultural technification and adaptation to improve the use of resources such as water and plant nutrients, driving the advancement of this technology given its relevance in the transition towards Industry 4.0. This study proposes strategies to mitigate vulnerabilities of an agricultural IoT system in the province of Sumapaz in Colombia. Methodology: It was developed in five phases: 1) Review of information sources related to IoT. 2) Characterization of the consulted strategies. 3) Implement the selected scenarios in a Gray Box environment. 4) Propose a strategy to mitigate the vulnerabilities of the scenarios. 5) Validate the effectiveness of each strategy through a comparative analysis. Results: Creation of hacking scenarios and subsequent proposal of cybersecurity strategies on the network and the server of the IoT system. Discussion: Information security in technologically emerging sectors or those transitioning to Industry 4.0, such as agriculture, must lead a continuous and holistic effort involving all stakeholders. Conclusions: Strategies were shown to mitigate the impact of vulnerabilities, contributing to the availability, accessibility, and reliability of the IoT system in the province of Sumapaz.

Downloads

Download data is not yet available.

Author Biographies

Alexander Gordillo-Gaitán, University of Cundinamarca

Electronic Engineer, Master in Electronic Engineering with emphasis in Telecommunications, with 6 years of experience as a university professor and leading researcher in telecommunications, education, cybersecurity and information security projects at the University of Cundinamarca and the Corporación Universitaria Minuto de Dios - UNIMINUTO, certified as an auditor, implementer and executor of the ISO/IEC 27001 standard, Ethical Hacking Certified Associate (EHCA).

Dayana Carolina Suárez-Quintero, University of Cundinamarca

Electronic Engineering student and research assistant for the research project “Cybersecurity strategy for IoT system for measuring environmental variables and their effect on coffee rust (Hemileia Vastatrix) in crops in the province of Sumapaz (Cundinamarca - Colombia)”.

María Camila Castillo-Fernández, University of Cundinamarca

Electronic Engineering student and research assistant for the research project “Cybersecurity strategy for IoT system for measuring environmental variables and their effect on coffee rust (Hemileia Vastatrix) in crops in the province of Sumapaz (Cundinamarca - Colombia)”.

References

Arteaga-Barragán, A., y Balseca-Manzano, J. (2024). Estrategias para identificar y mitigar vulnerabilidades de inyección SQL en aplicaciones móviles Android: Revisión bibliográfica. 593 Digital Publisher CEIT, 9(3), 71-83. https://doi.org/10.33386/593dp.2024.3.2300 DOI: https://doi.org/10.33386/593dp.2024.3.2300

Balaji, S. R. A., Rao, S. P. y Ranganathan, P. (2023). Cybersecurity Challenges and Solutions in IoT-based Precision Farming Systems. 2023 IEEE 14th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), 237–246. https://doi.org/10.1109/UEMCON59035.2023.10316154 DOI: https://doi.org/10.1109/UEMCON59035.2023.10316154

Basurto-Guerrero, M. O. y Guaña-Moya, J. (2023). Cybersecurity in 5G networks: challenges and solutions. Revista VICTEC, 4(7). https://doi.org/10.61395/victec.v4i7.114 DOI: https://doi.org/10.61395/victec.v4i7.114

Bernaldo, M. (2023). Las 15 técnicas de hacking más comunes. https://bit.ly/3S0hblW

Choo, K. K. R., Gai, K., Chiaraviglio, L. y Yang, Q. (2021). A multidisciplinary approach to Internet of Things (IoT) cybersecurity and risk management. Computers & Security, 102, 102136. https://doi.org/10.1016/J.COSE.2020.102136 DOI: https://doi.org/10.1016/j.cose.2020.102136

Espinosa-Garrido, C. B. y Rosales-Roldan, L. (2022). Marco de Referencia de Ciberseguridad para Dispositivos de IoT Usando la Tecnología de IDS, pp. 210–215. https://doi.org/10.54808/CICIC2022.01.210 DOI: https://doi.org/10.54808/CICIC2022.01.210

Farooq, M. S., Riaz, S., Abid, A., Umer, T. y Zikria, Y. Bin. (2020). Role of IoT Technology in Agriculture: A Systematic Literature Review. Electronics, 9(2), 319. https://doi.org/10.3390/electronics9020319 DOI: https://doi.org/10.3390/electronics9020319

Friha, O., Ferrag, M. A., Shu, L., Maglaras, L. y Wang, X. (2021). Internet of Things for the Future of Smart Agriculture: A Comprehensive Survey of Emerging Technologies. IEEE/CAA Journal of Automatica Sinica, 8(4), 718-752. https://doi.org/10.1109/JAS.2021.1003925 DOI: https://doi.org/10.1109/JAS.2021.1003925

González-Pérez, P. (2023). Ethical Hacking: Teoría y práctica para la realización de un pentesting (3ª ed.). OxWORD.

Grupo Atico34. (2023). Confidencialidad, integridad y disponibilidad (Tríada CID). https://bit.ly/45WQR1U

Lima, P. M., Carvalho, L. K., y Moreira, M. V. (2018). Detectable and Undetectable Network Attack Security of Cyber-physical Systems. IFAC-PapersOnLine, 51(7), 179-185. https://doi.org/10.1016/j.ifacol.2018.06.298 DOI: https://doi.org/10.1016/j.ifacol.2018.06.298

Lu, Y. y Xu, L. Da. (2019). Internet of Things (IoT) Cybersecurity Research: A Review of Current Research Topics. IEEE Internet of Things Journal, 6(2), 2103-2115. https://doi.org/10.1109/JIOT.2018.2869847 DOI: https://doi.org/10.1109/JIOT.2018.2869847

Oliveira, S., Leal, A. B., Teixeira, M. y Lopes, Y. K. (2023). A classification of cybersecurity strategies in the context of Discrete Event Systems. Annual Reviews in Control, 56, 100907. https://doi.org/10.1016/j.arcontrol.2023.100907 DOI: https://doi.org/10.1016/j.arcontrol.2023.100907

Open Web Application Security Project. (2022). OWASP Top 10 - 2021. https://owasp.org/Top10/

Organización de las Naciones Unidas para la Alimentación y la Agricultura. (2018). More people, more food, worse water? A global review of water pollution from agriculture. https://bit.ly/4cFEN7s

Organización de las Naciones Unidas. (2019). World population prospects 2019: Highlights. https://bit.ly/45K0yjS

Orozco-Bonilla, C. A. (2021). Estrategias algorítmicas orientadas a la ciberseguridad: Un mapeo sistemático [Tesis de grado]. Universidad Politécnica Salesiana.

Quirumbay-Yagual, D. I., Castillo-Yagual, C., y Coronel-Suárez, I. (2022). Una revisión del Aprendizaje profundo aplicado a la ciberseguridad. Revista Científica y Tecnológica UPSE, 9(1), 57-65. https://doi.org/10.26423/rctu.v9i1.671 DOI: https://doi.org/10.26423/rctu.v9i1.671

Said-Mohamed, E., Belal, A. A., Kotb Abd-Elmabod, S., El-Shirbeny, M. A., Gad, A. y Zahran, M. B. (2021). Smart farming for improving agricultural management. The Egyptian Journal of Remote Sensing and Space Science, 24(3), 971-981. https://doi.org/10.1016/j.ejrs.2021.08.007 DOI: https://doi.org/10.1016/j.ejrs.2021.08.007

Sarowa, S., Kumar, V., Bhanot, B. y Kumar, M. (2023). Enhancement of Security Posture in Smart Farming: Challenges and Proposed Solution. Conferencia Internacional sobre Tecnologías de Inteligencia de Dispositivos, Computación y Comunicación (DICCT), 1-5. https://doi.org/10.1109/DICCT56244.2023.10110208 DOI: https://doi.org/10.1109/DICCT56244.2023.10110208

Singh, G. y Singh, J. (2023). Transformative Potential of IoT for Developing Smart Agriculture System: A Systematic Review. 4th International Conference on Communication, Computing and Industry 6.0 (C216), 1-6. https://doi.org/10.1109/C2I659362.2023.10430789 DOI: https://doi.org/10.1109/C2I659362.2023.10430789

Sinha, B. B., y Dhanalakshmi, R. (2022). Recent advancements and challenges of Internet of Things in smart agriculture: A survey. Future Generation Computer Systems, 126, 169-184. https://doi.org/10.1016/j.future.2021.08.006 DOI: https://doi.org/10.1016/j.future.2021.08.006

Yaacoub, J.-P. A., Noura, H. N., Salman, O., y Chehab, A. (2023). Ethical hacking for IoT: Security issues, challenges, solutions and recommendations. Internet of Things and Cyber-Physical Systems, 3, 280-308. https://doi.org/10.1016/j.iotcps.2023.04.002 DOI: https://doi.org/10.1016/j.iotcps.2023.04.002

Zainuddin, N., Daud, M., Ahmad, S., Maslizan, M. y Abdullah, S. A. L. (2021). A Study on Privacy Issues in Internet of Things (IoT). 2021 IEEE 5th International Conference on Cryptography, Security and Privacy (CSP), 96–100. https://doi.org/10.1109/CSP51677.2021.9357592 DOI: https://doi.org/10.1109/CSP51677.2021.9357592