Security Vulnerabilities in Consumer IoT Applications

被引:15
|
作者
Shakdher, Arjun [1 ]
Agrawal, Suyash [1 ]
Yang, Baijian [1 ]
机构
[1] Purdue Univ, Dept CIT, W Lafayette, IN 47907 USA
来源
2019 IEEE 5TH INTL CONFERENCE ON BIG DATA SECURITY ON CLOUD (BIGDATASECURITY) / IEEE INTL CONFERENCE ON HIGH PERFORMANCE AND SMART COMPUTING (HPSC) / IEEE INTL CONFERENCE ON INTELLIGENT DATA AND SECURITY (IDS) | 2019年
关键词
Terms IoT; Application Security; Vulnerability; Man-in-the-middle attack; Penetration Test; INTERNET; THINGS; PRIVACY;
D O I
10.1109/BigDataSecurity-HPSC-IDS.2019.00012
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Extensive penetration testing to IoT applications was conducted in this work to discover the vulnerabilities. In addition to the study the most vulnerable security flaws defined by the Open Web Application Security Project (OWASP), this work also tested a set of man-in-the-middle attacks exploiting found vulnerabilities. It is discovered that a wide range of IoT apps in smart homes, security system, health-care and connected cars are susceptible to a set of attacks, and some of those apps have over 1 million downloads. Countermeasures were proposed as recommendations to secure the apps for IoT devices.
引用
收藏
页码:1 / 6
页数:6
相关论文
共 50 条
  • [11] Security Vulnerabilities in Mobile Health Applications
    Aliasgari, Mehrdad
    Black, Michael
    Yadav, Nikhil
    2018 IEEE CONFERENCE ON APPLICATION, INFORMATION AND NETWORK SECURITY (AINS 2018), 2018, : 21 - 26
  • [12] Modelling an IoT Testbed in Context with the Security Vulnerabilities of South Africa
    Nair, Kishor Krishnan
    Dube, Erick
    Lefophane, Samuel
    PROCEEDINGS OF 2017 3RD IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATIONS (ICCC), 2017, : 244 - 248
  • [13] Hybrid Firmware Analysis for Known Mobile and IoT Security Vulnerabilities
    Sun, Pengfei
    Garcia, Luis
    Salles-Loustau, Gabriel
    Zonouz, Saman
    2020 50TH ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS (DSN 2020), 2020, : 373 - 384
  • [14] On the Design of IoT Security: Analysis of Software Vulnerabilities for Smart Grids
    Mathas, Christos-Minas
    Vassilakis, Costas
    Kolokotronis, Nicholas
    Zarakovitis, Charilaos C.
    Kourtis, Michail-Alexandros
    ENERGIES, 2021, 14 (10)
  • [15] Analyzing Security Approaches for Threats,Vulnerabilities, and attacks in an IoT Environment
    Tyagi, Himani
    Kumar, Rajendra
    2021 INTERNATIONAL CONFERENCE ON COMPUTATIONAL PERFORMANCE EVALUATION (COMPE-2021), 2021, : 227 - 233
  • [16] Security and Trust in Forthcoming Consumer IoT Systems
    Herencsar, Norbert
    IEEE CONSUMER ELECTRONICS MAGAZINE, 2023, 12 (03) : 26 - 27
  • [17] Network Approaches to Improving Consumer IoT Security
    Melzer, Jordan
    Latour, Jacques
    Richardson, Michael
    Ali, Aisha
    Almuhtadi, Wahab
    2020 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS (ICCE), 2020, : 131 - 136
  • [18] Security Analysis on Consumer and Industrial IoT Devices
    Wurm, Jacob
    Hoang, Khoa
    Arias, Orlando
    Sadeghi, Ahmad-Reza
    Jin, Yier
    2016 21ST ASIA AND SOUTH PACIFIC DESIGN AUTOMATION CONFERENCE (ASP-DAC), 2016, : 519 - 524
  • [19] Identifying Vulnerabilities of Consumer Internet of Things (IoT) Devices: A Scalable Approach
    Williams, Ryan
    McMahon, Emma
    Samtani, Sagar
    Patton, Mark
    Chen, Hsinchun
    2017 IEEE INTERNATIONAL CONFERENCE ON INTELLIGENCE AND SECURITY INFORMATICS (ISI), 2017, : 179 - 181
  • [20] NFC Security Analysis and Vulnerabilities in Healthcare Applications
    Alzahrani, Ali
    Alqhtani, Abdullah
    Elmiligi, Haytham
    Gebali, Fayez
    Yasein, Mohamed S.
    2013 IEEE PACIFIC RIM CONFERENCE ON COMMUNICATIONS, COMPUTERS AND SIGNAL PROCESSING (PACRIM), 2013, : 302 - 305
12345