Spill the Beans: Extrospection of Internet of Things by Exploiting Denial of Service

Sachidananda, Vinay; Bhairav, Suhas; Elovici, Yuval

doi:10.4108/eai.13-7-2018.159803

Cited by 3 publications

(3 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The domain of physical attacks is comprised by attacks where the adversary can have physical access to the IoT system. Attacks under this category are tampering attacks, malicious code injections, radio frequency interference/jamming, fake node injections, sleep denial attack (or sleep deprivation), side channel attacks, and permanent DoS (PDoS) [34]. Network attacks occur when the IoT network is manipulated inhibiting the IoT system's nominal operation.…”

Section: Social Engineeringmentioning

confidence: 99%

Consumer, Commercial, and Industrial IoT (In)Security: Attack Taxonomy and Case Studies

Xenofontos

Zografopoulos

Konstantinou

et al. 2022

IEEE Internet Things J.

View full text Add to dashboard Cite

Internet of Things (IoT) devices are becoming ubiquitous in our lives, with applications spanning from the consumer domain to commercial and industrial systems. The steep growth and vast adoption of IoT devices reinforce the importance of sound and robust cybersecurity practices during the device development life-cycles. IoT-related vulnerabilities, if successfully exploited can affect, not only the device itself, but also the application field in which the IoT device operates. Evidently, identifying and addressing every single vulnerability is an arduous, if not impossible, task. Attack taxonomies can assist in classifying attacks and their corresponding vulnerabilities. Security countermeasures and best practices can then be leveraged to mitigate threats and vulnerabilities before they emerge into catastrophic attacks and ensure overall secure IoT operation. Therefore, in this paper, we provide an attack taxonomy which takes into consideration the different layers of IoT stack, i.e., device, infrastructure, communication, and service, and each layer's designated characteristics which can be exploited by adversaries. Furthermore, using nine real-world cybersecurity incidents, that had targeted IoT devices deployed in the consumer, commercial, and industrial sectors, we describe the IoT-related vulnerabilities, exploitation procedures, attacks, impacts, and potential mitigation mechanisms and protection strategies. These (and many other) incidents highlight the underlying security concerns of IoT systems and demonstrate the potential attack impacts of such connected ecosystems, while the proposed taxonomy provides a systematic procedure to categorize attacks based on the affected layer and corresponding impact.

show abstract

Section: Social Engineeringmentioning

confidence: 99%

Consumer, Commercial, and Industrial IoT (In)Security: Attack Taxonomy and Case Studies

Xenofontos

Zografopoulos

Konstantinou

et al. 2022

IEEE Internet Things J.

View full text Add to dashboard Cite

show abstract

“…Devices: Several security and privacy analyses have been conducted against IoT devices [15][16][17][18]. Interfacing with physical devices can reveal behavioural characteristics, particularly those where user interaction is required.…”

Section: Motivationmentioning

confidence: 99%

argXtract: Deriving IoT Security Configurations via Automated Static Analysis of Stripped ARM Binaries

Sivakumaran,

Blasco

2021

Preprint

View full text Add to dashboard Cite

Recent high-profile attacks on the Internet of Things (IoT) have brought to the forefront the vulnerability of "smart" devices, and have resulted in IoT technologies and devices being subjected to numerous security analyses. Many of the attacks had weak device configuration as the root cause, making the configuration of IoT devices a vector of interest for security analysis. One potential source of rich and definitive information about the configuration of an IoT device is the device's firmware itself. However, firmware analysis is complex and automated firmware analyses have thus far been confined to IoT hub or gateway devices, or peripheral devices with more traditional operating systems such as Linux or VxWorks. Most IoT peripherals, by their very nature of being resource-constrained, lacking traditional operating systems and implementing a wide variety of communication technologies, have only been the subject of smaller-scale analyses, typically confined to a certain class or brand of device. Analysing peripheral firmware is further complicated by the fact that peripheral firmware files are predominantly available as stripped binaries, without the ELF headers and symbol tables that would simplify reverse engineering.In this paper, we present argXtract, an open-source automated static analysis tool, which extracts security-relevant configuration information from stripped IoT peripheral firmware. Specifically, we target binaries that implement the ARM Cortex-M architecture, due to its growing popularity among IoT peripherals. argXtract overcomes the challenges associated with stripped Cortex-M analysis and is able to retrieve and process arguments to security-relevant supervisor and function calls, enabling automated bulk analysis of firmware files. We demonstrate this via three real-world case studies. The largest case study covers a dataset of 243 Bluetooth Low Energy binaries targeting Nordic Semiconductor chipsets, while the other two focus on Nordic ANT binaries and STMicroelectronics BlueNRG binaries. The results from all three case studies reveal widespread lack of security and privacy controls in IoT, such as minimal or no protection for data, fixed passkeys and trackable device addresses.

show abstract

“…This survey included academic articles, whitepapers, and technical reports available from open public sources. The most widely used example is the malware BrickerBot [5], which has undergone considerable investigation, most notably in the study by Sachidananda et al [12]. Their research offers an in-depth analysis of BrickerBot's capabilities, targeting methods, and potential impact.…”

Section: Introductionmentioning

confidence: 99%

Understanding and Classifying Permanent Denial-of-Service Attacks

Abaimov

2024

JCP

View full text Add to dashboard Cite

In the evolving landscape of cybersecurity threats, permanent denial-of-service (PDoS) attacks have emerged as a particularly damaging form of cyber aggression. Unlike the more well-known denial-of-service (DoS) attacks, which disrupt services temporarily, PDoS attacks aim to inflict irreversible damage to systems, often resulting in significant system overhauls and requiring hardware replacement. To enable the development of effective security measures, but also to address the knowledge gaps, this paper presents an in-depth exploration of PDoS attacks, emphasizing their distinguishing characteristics, underlying mechanisms, and potential further development. Through a comprehensive case study, this research highlights diverse tactics and strategies employed by attackers, from targeting IoT devices to manipulating boot processes and exploiting firmware vulnerabilities. A novel classification of PDoS attack vectors is proposed that also explains the ways in which the systems can be compromised. The findings confirm the pressing need for adaptive and robust defense mechanisms to mitigate the threats posed by PDoS attacks in our interconnected digital world.

show abstract

Spill the Beans: Extrospection of Internet of Things by Exploiting Denial of Service

Cited by 3 publications

References 21 publications

Consumer, Commercial, and Industrial IoT (In)Security: Attack Taxonomy and Case Studies

Consumer, Commercial, and Industrial IoT (In)Security: Attack Taxonomy and Case Studies

argXtract: Deriving IoT Security Configurations via Automated Static Analysis of Stripped ARM Binaries

Understanding and Classifying Permanent Denial-of-Service Attacks

Contact Info

Product

Resources

About