An IoT Analysis Framework: An Investigation of IoT Smart Cameras' Vulnerabilities

Alharbi, Rana; Aspinall, David

doi:10.1049/cp.2018.0047

Cited by 21 publications

(12 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The results are shown in Table II. 1 Overall, we found 17 vulnerabilities found in the 7 devices, including the vulnerabilities found in the penetration testing or reported in previous studies and news [16]- [20]. Most of them can be considered as common vulnerabilities among IoT devices listed by the OWASP IoT list [8].…”

Section: Results Of Analysismentioning

confidence: 81%

Retrofitting Security and Privacy Measures to Smart Home Devices

Indra

Aspinall

2019

2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS)

View full text Add to dashboard Cite

There is a current trend for Internet of Things (IoT) technology in the home. However, device vendors provide no guarantees of security or privacy of their gadgets, nor can such things be measured by consumers. By now, there have been many incidents of vulnerable devices being sold and real-world attacks. Despite proposals for improving the quality of consumer devices, vulnerable devices are likely to remain in use, with it being highly difficult to replace or patch their hardware or software. In this paper, we set out to design a mitigation framework so that home networks can be made resilient to vulnerable devices. First, we select a representative collection of home IoT devices with different functions, and investigate their security and privacy, discovering a range of exploitable flaws. Then we design a framework based on a dedicated router, firewall, an IoT control platform and other mechanisms, which allows mitigation of current and potential future vulnerabilities. The framework is designed to be adaptable and extensible for all kinds of devices. We implement this framework and evaluate it against the sample devices, finding that it can indeed prevent most of the known exploits and the new exploits we found. Based on this study, we make some design suggestions for the future enhanced home cyber-security platforms.

show abstract

Section: Results Of Analysismentioning

confidence: 81%

Retrofitting Security and Privacy Measures to Smart Home Devices

Indra

Aspinall

2019

2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS)

View full text Add to dashboard Cite

show abstract

“…Smart cameras in IoT applications (e.g., smart home monitoring) have several vulnerabilities [6,50,51], which can be exploited by attackers to gain root access to the smart camera nodes and compromise the security and privacy of data. In such applications the important assets to protect from unauthorized access are the captured sensitive information (images/videos), the secret keys (e.g., private keys and encryption keys) of smart cameras and the camera node itself.…”

Section: System Architecturementioning

confidence: 99%

Secure Smart Cameras by Aggregate-Signcryption with Decryption Fairness for Multi-Receiver IoT Applications

Ullah

Rinner

2019

Sensors

View full text Add to dashboard Cite

Smart cameras are key sensors in Internet of Things (IoT) applications and often capture highly sensitive information. Therefore, security and privacy protection is a key concern. This paper introduces a lightweight security approach for smart camera IoT applications based on elliptic-curve (EC) signcryption that performs data signing and encryption in a single step. We deploy signcryption to efficiently protect sensitive data onboard the cameras and secure the data transfer from multiple cameras to multiple monitoring devices. Our multi-sender/multi-receiver approach provides integrity, authenticity, and confidentiality of data with decryption fairness for multiple receivers throughout the entire lifetime of the data. It further provides public verifiability and forward secrecy of data. Our certificateless multi-receiver aggregate-signcryption protection has been implemented for a smart camera IoT scenario, and the runtime and communication effort has been compared with single-sender/single-receiver and multi-sender/single-receiver setups.

show abstract

“…Ranges of vulnerabilities are discovered with respect to the construction. Threat graphs have been used to estimate the protection risk score of organizational systems [16]. Topology robustness is certainly attained by degree difference and some functions.…”

Section: Figure 1-illustration Of Attack Graph [7]mentioning

confidence: 99%

Development of QoS Evaluation Algorithm for MQTT Protocol with Reference to Threat Model

2019

ijeat

View full text Add to dashboard Cite

MQTT protocol is publishing-subscribing model for IoT communication. In case of Quality of Services analysis, it is important to check the request and responses between publisher and subscriber. Any threat in communication channel is mostly leads to delay in operation. Hence, if we able to identify the delay parameter, we can suggest by means of QoS that there is a immediate need of security check for IoT system. As many IoT devices performed in unchecked, complicated, and often aggressive surroundings, safe-guarding IoT units present many different challenges. The key purpose for support quality degradation of IoT device interaction can be harmful attacks. Plenty of gadgets are often susceptible to port attacks/botnets hits, such as network attack events, which usually assessed by performing QoS Analysis. To start with factors affecting Quality of Services (QoS), in this paper we developed QoS evaluation algorithm “MQoS” for MQTT protocol and considered QoS-0 as an evaluation parameter. This paper refers the threat model which represents the flow of threats for proposed case study and can help to identify QoS by evaluating the possible communication threats. End–to-end device communication requests and responses are needed to be evaluated for large systems to get the actual QoS parameters for that system. For this reason the actual QoS tests will be conducted for third party applications.In this paper we presented results of MQTTv311 simulation for cooling sensor system.

show abstract

An IoT Analysis Framework: An Investigation of IoT Smart Cameras' Vulnerabilities

Cited by 21 publications

References 9 publications

Retrofitting Security and Privacy Measures to Smart Home Devices

Retrofitting Security and Privacy Measures to Smart Home Devices

Secure Smart Cameras by Aggregate-Signcryption with Decryption Fairness for Multi-Receiver IoT Applications

Development of QoS Evaluation Algorithm for MQTT Protocol with Reference to Threat Model

Contact Info

Product

Resources

About