On the Impact of Kernel Code Vulnerabilities in IoT Devices

Eresheim, Sebastian; Luh, Robert; Schrittwieser, Sebastian

doi:10.1109/icssa.2017.16

Cited by 3 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Secure booting is necessary to prevent attackers from compromising an operating system or installing a malicious bootloader into IoT devices. However, IoT devices almost never secure the boot process and do not ensure software integrity [44]. Another IoT vulnerability arises from the lack of proper device update management.…”

Section: Physical Layermentioning

confidence: 99%

Analysis of Consumer IoT Device Vulnerability Quantification Frameworks

Baho

Abawajy

2023

Electronics

View full text Add to dashboard Cite

The increasing deployment of Internet of Things (IoT) devices in mission-critical systems has made them more appealing to attackers. Cyberattacks on IoT devices have the potential to expose sensitive data, disrupt operations, and even endanger lives. As a result, IoT security has recently gained traction in both industry and academia. However, no research has examined existing IoT vulnerability assessment frameworks in a systematic and comprehensive manner. To address this gap, this paper systematically reviews and analyses the research challenges and state-of-the-art IoT vulnerability assessment frameworks while taking into account both breadth and depth. The study provides insight into current IoT vulnerability assessment approaches, which is useful for ongoing efforts to characterise cybersecurity risks and manage IoT vulnerabilities. It will be of interest to a spectrum of readers, including those in the IoT research community, researchers in cybersecurity, risk and vulnerability management professionals, and others. By offering the latest perspective on the present IoT vulnerability assessment techniques, this study will raise IoT security awareness and facilitate research into IoT vulnerability assessment methodologies. The knowledge provided by this study will also be beneficial to future academics who are interested in the issues and solutions surrounding IoT security. The report also assists in understanding the research direction in IoT vulnerability assessment approaches, making it beneficial for those looking to create new methods for determining IoT vulnerabilities.

show abstract

Section: Physical Layermentioning

confidence: 99%

Analysis of Consumer IoT Device Vulnerability Quantification Frameworks

Baho

Abawajy

2023

Electronics

View full text Add to dashboard Cite

show abstract

“…However, in the domain of embedded systems, secure boot is often overlooked. Therefore, common IoT devices rarely secure the boot process and fail to assure software free from manipulation [7]. The absence of secure boot opens the door to attacks on mission-critical IoT systems.…”

Section: Introductionmentioning

confidence: 99%

Performance of Secure Boot in Embedded Systems

Profentzas

Günes

Nikolakopoulos

et al. 2019

2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS)

View full text Add to dashboard Cite

With the proliferation of the Internet of Things (IoT), the need to prioritize the overall system security is more imperative than ever. The IoT will profoundly change the established usage patterns of embedded systems, where devices traditionally operate in relative isolation. Internet connectivity brought by the IoT exposes such previously isolated internal device structures to cyber-attacks through the Internet, which opens new attack vectors and vulnerabilities. For example, a malicious user can modify the firmware or operating system by using a remote connection, aiming to deactivate standard defenses against malware. The criticality of applications, for example, in the Industrial IoT (IIoT) further underlines the need to ensure the integrity of the embedded software. One common approach to ensure system integrity is to verify the operating system and application software during the boot process. However, safety-critical IoT devices have constrained boot-up times, and home IoT devices should become available quickly after being turned on. Therefore, the boot-time can affect the usability of a device. This paper analyses performance trade-offs of secure boot for medium-scale embedded systems, such as Beaglebone and Raspberry Pi. We evaluate two secure boot techniques, one is only software-based, and the second is supported by a hardware-based cryptographic storage unit. For the software-based method, we show that secure boot merely increases the overall boot time by 4%. Moreover, the additional cryptographic hardware storage increases the boot-up time by 36%.

show abstract

Evaluation of Kernel-Level IoT Security and QoS Aware Models from an Empirical Perspective

Dhak¹,

Ramteke²

2022

Lecture Notes in Electrical Engineering

View full text Add to dashboard Cite

On the Impact of Kernel Code Vulnerabilities in IoT Devices

Cited by 3 publications

References 12 publications

Analysis of Consumer IoT Device Vulnerability Quantification Frameworks

Analysis of Consumer IoT Device Vulnerability Quantification Frameworks

Performance of Secure Boot in Embedded Systems

Evaluation of Kernel-Level IoT Security and QoS Aware Models from an Empirical Perspective

Contact Info

Product

Resources

About