Security Analysis of UDP-Based Data Transmission Between ESP32 Devices over Wi-Fi: Vulnerabilities and the Need for Encryption
Author: SABAH Ilyasse, AIT IJJA Abdelilah
Published on: April 4, 2025
This paper examines the security of UDP-based data transmission between two ESP32 devices over a Wi-Fi Wireless network. In the experiment, one ESP32 functions as a server (receiver), and the other as a client (transmitter). Our method demonstrates that an attacker after gaining access to the network can successfully craft and send malicious data packets to the ESP32 server. The methodology used in this study involves gaining access to the network and analyzing network packets to identify the ESP32 server. Once the server is identified, we use the python Scapy tool to generate malicious data packets and inject them into the network affecting the ESP32 server communication. The results highlight the significant security risks of using UDP for data transmission in IoT systems. We conclude that secure alternatives, such as encrypted communication protocols, should be employed to ensure the confidentiality and integrity of transmitted data, rather than relying on UDP.
Download PDF Version