Security Vulnerabilities in Consumer IoT Applications

被引:15
|
作者
Shakdher, Arjun [1 ]
Agrawal, Suyash [1 ]
Yang, Baijian [1 ]
机构
[1] Purdue Univ, Dept CIT, W Lafayette, IN 47907 USA
来源
2019 IEEE 5TH INTL CONFERENCE ON BIG DATA SECURITY ON CLOUD (BIGDATASECURITY) / IEEE INTL CONFERENCE ON HIGH PERFORMANCE AND SMART COMPUTING (HPSC) / IEEE INTL CONFERENCE ON INTELLIGENT DATA AND SECURITY (IDS) | 2019年
关键词
Terms IoT; Application Security; Vulnerability; Man-in-the-middle attack; Penetration Test; INTERNET; THINGS; PRIVACY;
D O I
10.1109/BigDataSecurity-HPSC-IDS.2019.00012
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Extensive penetration testing to IoT applications was conducted in this work to discover the vulnerabilities. In addition to the study the most vulnerable security flaws defined by the Open Web Application Security Project (OWASP), this work also tested a set of man-in-the-middle attacks exploiting found vulnerabilities. It is discovered that a wide range of IoT apps in smart homes, security system, health-care and connected cars are susceptible to a set of attacks, and some of those apps have over 1 million downloads. Countermeasures were proposed as recommendations to secure the apps for IoT devices.
引用
收藏
页码:1 / 6
页数:6
相关论文
共 50 条
  • [1] IoT Security: A review of vulnerabilities and security protocols
    Varma, Ravi Kiran P.
    Priyanka, M.
    Krishna, Vamsi B. S.
    Raju, Subba K., V
    JOURNAL OF MECHANICS OF CONTINUA AND MATHEMATICAL SCIENCES, 2019, 14 (02): : 509 - 520
  • [2] Analysis of Security Vulnerabilities for IoT Devices
    Kim, Hee-Hyun
    Yoo, Jinho
    JOURNAL OF INFORMATION PROCESSING SYSTEMS, 2022, 18 (04): : 489 - 499
  • [3] IoT Security and Consumer Trust
    Badran, Hosein F.
    PROCEEDINGS OF THE 20TH ANNUAL INTERNATIONAL CONFERENCE ON DIGITAL GOVERNMENT RESEARCH (DGO2019): GOVERNANCE IN THE AGE OF ARTIFICIAL INTELLIGENCE, 2019, : 133 - 140
  • [4] Security Vulnerabilities in Bluetooth Technology as Used in IoT
    Lonzetta, Angela M.
    Cope, Peter
    Campbell, Joseph
    Mohd, Bassam J.
    Hayajneh, Thaier
    JOURNAL OF SENSOR AND ACTUATOR NETWORKS, 2018, 7 (03):
  • [5] Computing Security Scores for IoT Device Vulnerabilities
    Rizvi, Syed
    McIntyre, Nicholas
    Ryoo, Jungwoo
    2019 INTERNATIONAL CONFERENCE ON SOFTWARE SECURITY AND ASSURANCE (ICSSA 2019), 2019, : 52 - 59
  • [6] System Hardening and Security Monitoring for IoT Devices to Mitigate IoT Security Vulnerabilities and Threats
    Choi, Seul-Ki
    Yang, Chung-Huang
    Kwak, Jin
    KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2018, 12 (02): : 906 - 918
  • [7] Internet of Things (IoT): Application Systems and Security Vulnerabilities
    Ahamed, Jinesh
    Rajan, Amala V.
    2016 5TH INTERNATIONAL CONFERENCE ON ELECTRONIC DEVICES, SYSTEMS AND APPLICATIONS (ICEDSA), 2016,
  • [8] IoT Networks: Security Vulnerabilities of Application Layer Protocols
    Lalit, Mohit
    Chawla, Sunil Kumar
    Rana, Arun Kumar
    Nisar, Kashif
    Soomro, Tariq Rahim
    Khan, Muhammad Asghar
    2022 14TH INTERNATIONAL CONFERENCE ON MATHEMATICS, ACTUARIAL SCIENCE, COMPUTER SCIENCE AND STATISTICS (MACS), 2022,
  • [9] An Experimental Analysis of Security Vulnerabilities in Industrial IoT Devices
    Jiang, Xingbin
    Lora, Michele
    Chattopadhyay, Sudipta
    ACM TRANSACTIONS ON INTERNET TECHNOLOGY, 2020, 20 (02)
  • [10] IoT: Internet of Threats? A Survey of Practical Security Vulnerabilities in Real IoT Devices
    Meneghello, Francesca
    Calore, Matteo
    Zucchetto, Daniel
    Polese, Michele
    Zanella, Andrea
    IEEE INTERNET OF THINGS JOURNAL, 2019, 6 (05): : 8182 - 8201
12345